OpenSSL Heart bleed

Ed - cannot speak for Clariion, but we have confirmed that Isilon nodes are not, repeat not affected.  I hope someone else can confirm for Clariion/VNX.

Thanks for the reply, I take it that this only really affects possible access to the management interface?

Also how so you know that Isilon isn't affected?

Hi Ed,

We know because the version of OpenSSL in OneFS is not one of the versions with the bug.  BTW this does not only affect the management interface but many of the protocol stacks, since we support Kerberos authentication over several protocols and OpenSSL may call routines in the Kerberos library.  The TLS routines in OpenSSL are the key to this issue, pun intended

is there a way to know if openssl is used or check the version on the VNX systems?

We have now  a knowledgebase article addressed for VNX systems KB185969. It is not yet a customer viewable. It is still limited to EMC Employees and partners.

The resolution up to this point is:

• It doesn't appear that the Control Station or Data Movers are running vulnerable versions of OpenSSL, but investigation is still under way.
• Control Station is running OpenSSL v0.98e which is not vulnerable.
• Data Mover (DART) is not Linux based so should not be affected, but pending official confirmation regarding this

We ave 2 tickets opened with Engineering for further investigation of the issue. We are doing the same for all other EMC products.

Hope it helps

Mohammed Salem  @yankoora