Setting network security
The Network Security page in the HCP System Management Console lets you enable or disable the following services on HCP nodes:
Ping
Checks network connectivity to HCP nodes.
SSH login by authorized service and Support representatives
Facilitates troubleshooting when you request support.
Node Status
Enables node status commands to check the health of your nodes.
3DES Ciphers
Allows the system to use the Triple-DES cipher algorithm for data encryption. The more secure option is disabling this service.
SSL renegotiation
Allows SSL renegotiation. The more secure option is to disable this service.
Restrict anonymous access with CIFS
Prevents anonymous users from using CIFS to access namespaces on the system. Tenant-level administrators can override this setting for individual namespaces.
Prevent data access with SMBv1
Prevents users from using the SMBv1 protocol for data access with CIFS.
Minimum Security Protocol
Allows you to set the minimum security protocol supported for front-end communications. The recommended minimum security protocol is TLSv1.2.
Enabling or disabling network security services on HCP nodes
Before you begin
Use the Network Security page of the System Management Console to enable or disable network security services on HCP nodes.
Procedure
In the top-level menu in the System Management Console, select
The .Network Security page opens.For each service, select or clear the option to enable it.
To set the minimum security protocol, click Minimum Security Protocol and select the minimum security protocol you want to use for front-end communications.NoteChanging this setting causes the HCP system to restart and requires your confirmation.Click Update Settings.