InfiniBox features security mechanisms that:
- Increase the security on access to the storage
- Provide visibility to storage admins on who is connected to the storage system
Authenticated session support
InfiniBox supports authenticated sessions to prevent:
- Storing passwords in clear text
- Sending passwords over the wire for each request
Configuring the session auto-termination parameters
- Via the API:
- Via infinishell:
Each session will include the following data:
- creation time
- last request time
Password change during a user session
If the password changes amidst a user session, the session is updated and the user does not have to re-login.
User role changes
Changes to the user role take effect immediately.
- For more information on LDAP users, see here: Overview of user management
The following changes to an LDAP user take effect only after the credentials are refreshed:
- Group assignment
- Account removal
Changing the password of an LDAP user
LDAP users changing passwords will require re-authentication.
Management node failover
A management node failover requires all users to re-authenticate.