I tried logging in as the Servicegui user to get the extra "Advanced Reporting" reports, but I can't find any reports containing info about Secure Snapshots.
Ok thanks Steve.
So stupid of me, but for some reason I didn't think to just give you a link to our secure snapshots best practices guide. It's right here and helps with all of this: http://qsupport.quantum.com/kb/flare/Content/dxi/DXi4800_9000_PDFs/...
Thanks for the Best Practices guide. Concerning the statement in there that NTP **MUST** be used. I don't agree in this case.
NTP is based on UDP which can be easily spoofed. It has been proven that one can make an NTP client think it is speaking with a UDP 123 TimeServer which is controlled by someone with "negative energy" shall we say. So I'd rather not use NTP and accept that the CMOS clock in the chassis can drift a little bit (which one can easily correct every now and then). Who cares if the clock is a couple of seconds off in this use-case.
I'm not keen on good old fashioned NTP, born in 1985. I mean, NTP message spoofing from a man-in-the-middle attack can be used to alter clocks on computers and allow a number of attacks based on bypassing of cryptographic key expiration etc.
I have 2 questions if I may:
1. Is implementing Network Time Security (NTS) on the roadmap?
2. How does the DXi react when the time suddenly jumps a certain amount? Does it go into a sort of "self-defence mode", alerting the Admin who can figure out what happened etc. but in the meantime, not allowing ANYthing to happen on the system?
These are all things that we are working on. You can spoof anything with enough work, of course, but like locks on doors we try to make them as solid as possible. Security work is always ongoing.
This is great input! Thanks!