A guest post by Faisal Choudry


Here’s a summary of the recent updates for the PowerProtect Data Manager Appliance, DM5500, Release 5.13.0.0

The update has several new features, enhancements, and stability improvements.

Active Directory Integration

Based on the group-to-role mapping defined, AD users from a specific group will be able to log in to the appliance.

Only, secure AD connection is supported. AD traffic is secured using TLS by default.



Group to Role mapping

To authorize the level of access for a specific user, the DM5500 appliance uses the group to role mapping mechanism. This mechanism can also be leveraged to authorize AD users.

There are different roles available which the user can opt for and the only caveat is that you cannot assign a security officer role to an AD group (AD group members have different privileges based on their roles). Only one security officer role can be assigned to a user, the user must be local to the application.


Integrating Active Directory with Dell PowerProtect Data Manager Appliance

The Below clip shows how to integrate Actiev Director with the DM5500

Security

Multi-factor authentication

PowerProtect Data Manager Appliance now supports Multi-factor authentication (MFA) for users to login to the UI dashboard by providing the valid One-Time Password (OTP) Authenticator. Currently, Google Authenticator is the supported method, with more to come in future. If configured, by default, all the users in DM5500 will have to login via MFA except admin and Security officer. MFA is enabled by default for AD users.

For further detail, see the PowerProtect Data Manager Appliance Security Configuration Guide for DM5500 here



Bypassing MFA

MFA can be bypassed so a user doesn’t have to key in OTP to gain access to the system (Only credentials would be sufficient for login)

Any user with admin privilege can bypass local users from MFA with following steps:

  • Login via administrator role user and select the user to be bypassed in access control panel
  • Go to Administrator -> Access Control Users/Groups tab
  • Click on EDIT button, and check the Bypass MFA checkbox
  • Follow next tabs and finish to bypass the user

Multi factor Authentication in PowerProtect Data Manager Appliance – Further Resources

Audit Logging – Enhancements

Apart from the existing Data Domain  and PPDM audit information. Audit logging now enables you to discover access violations, changed or deleted files, failed authentication, and so on. With the Administrator, Security Administrator, and User roles, you can view audit logs to monitor system activity.

Physical Network Separation

With the new Release, Physical network Separation is supported

Options:

–PCIe slot 3

  • 2 available ports for Optical
  • 4 available ports for Copper

–PCIe slot 4

  • 2 available ports for Copper

PowerProtect Data Manager Appliance Physical Network Separation- Further Resources

System configuration (re-configuration)

Enables you to modify the location, time zone, and the NTP server for the PowerProtect Data Manager Appliance.

Customers can change now change the following

–DNS, NTP, Time zone

Other settings are a Support driven activity

Further reading on the updates is availale here

Posted on 0 By itzikr Business continuity Posted in Business continuity, PowerProtect

itzikr

Working For DellEMC as a VP & CTO For XtremIO

Leave a Reply Cancel reply