Skip to main content
Outside service Partner
Hitachi Vantara Knowledge

Controlling access to the System Management Console


The Console Security page in the HCP System Management Console lets you control access to the Console from specified IP addresses. To display this page, in the top-level menu of the System Management Console, select Security Console Security.

RoleWebHelp.png

Roles: To view and modify information on the Console Security page, you need the security role.

You can choose to allow access to the HCP System Management Console only from specific IP addresses. Similarly, you can choose to deny access to the Console from specific IP addresses.

To control access to the System Management Console, on the Console Security page:

Optionally, specify IP addresses to be allowed access to the Console. To do this:

1.Click on the Allow tab.

2.Follow the instructions in Adding and removing entries in Allow and Deny lists.

Optionally, specify IP addresses to be denied access to the Console. To do this:

1.Click on the Deny tab.

2.Follow the instructions in Adding and removing entries in Allow and Deny lists.

To specify how HCP should handle IP addresses that appear in both or neither of the Allow and Deny lists, select or deselect Allow request when same IP is used in both lists. Changes to this option take effect immediately.

For the effects of this option, see .

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.

Adding and removing entries in Allow and Deny lists


To add an entry to an Allow or Deny list:

1.In the field above the list, type the entry you want. For a description of valid entries, see Allow and Deny list handling.

2.Click on Add.

To remove entries from an Allow or Deny list:

To remove a single entry, click on the delete control ( DeleteControl.png ) for that entry.

To remove all entries, click on Delete All.

Changes you make to either list of IP addresses take effect immediately.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.

Valid Allow and Deny list entries


Each Allow or Deny list entry can be used to specify one of these:

A single IP address

A range of IPv4 addresses specified as ip-address/subnet-mask (for example, 192.168.100.197/255.255.255.0) or in CIDR format (for example, 192.168.100.0/24)

A range of IPv6 addresses specified in CIDR format (for example, 2001:0db8::/32)

The CIDR entry that matches all IPv4 addresses is 0.0.0.0/0. The CIDR entry that matches all IPv6 addresses is 0::0/0.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.

Allow and Deny list handling


IP addresses can be included in one, both, or neither of the Allow and Deny lists. To specify how HCP should handle access requests from IP addresses that are either included in both lists or excluded from both lists, select or deselect Allow request when same IP is used in both lists. The table below describes the effects of selecting and deselecting this option.

List entries Allow Requests When Same IP Is Used In Both Lists
Selected Not selected
Allow list: empty
Deny list: empty
All IP addresses have access. No IP addresses have access.
Allow list: at least one entry
Deny list: empty
All IP addresses have access. Only IP addresses in the Allow list have access.
Allow list: empty
Deny list: at least one entry
All IP addresses not in the Deny list have access. IP addresses in the Deny do not. No IP addresses have access.
Allow list: at least one entry
Deny list: at least one entry
IP addresses appearing in both or neither of the lists have access. IP addresses appearing in both or neither of the lists do not have access.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.