InfiniBox features security mechanisms that:
- Increase the security on access to the storage
- Provide visibility to storage admins on who is connected to the storage system
Authenticated session support
InfiniBox supports authenticated sessions to prevent:
- Storing passwords in clear text
- Sending passwords over the wire for each request
Configuring the session auto-termination parameters
- Via the API:
- Request:
api/rest/config
- Parameters:
mgmt/mgmt.session_expiry
mgmt/mgmt.session_idle_timeout
- Request:
- Via infinishell:
config.system.set_session_timeout
Session identification
Each session will include the following data:
- session_id
- username
- password
- creation time
- last request time
Password change during a user session
If the password changes amidst a user session, the session is updated and the user does not have to re-login.
User role changes
Changes to the user role take effect immediately.
LDAP users
- For more information on LDAP users, see here: Overview of user management
LDAP changes
The following changes to an LDAP user take effect only after the credentials are refreshed:
- Group assignment
- Account removal
Changing the password of an LDAP user
LDAP users changing passwords will require re-authentication.
Management node failover
A management node failover requires all users to re-authenticate.
Comments