Unsolved
This post is more than 5 years old
75 Posts
0
1951
November 4th, 2016 15:00
Default policy of ESRS / ESRS with no Policy Mgr
IHAC who wants to install ESRS on his Isilon with no Policy manager. I am told the default policy is 'allow everything' which would not be what they want.
Is there a way to modify the policy directly in the ECS client?
Or is the Policy Manager a required component?
thanks
No Events found!
pedro.caribe
21 Posts
0
November 4th, 2016 16:00
David,
Is the issue the "unrestricted access" or is it something else, like being able to transfer files?
If the issue is the unrestricted access, they could change the cluster password and/or EMC can change the IB Remote connection status to "Customer Permission Required" and every time an engineer needs to connect into the box they will send an email to customer prior.
curti
2 Posts
0
November 30th, 2016 12:00
Any updates on this question? My customer also does not want to implement Policy Manager but wants to block incoming communications. Would blocking incoming traffic on ports 443/8443 work?
ryanbrancel1
53 Posts
1
November 30th, 2016 22:00
Only "outgoing" ports 443 & 8443 are necessary for your ESRS server to communicate with *.emc.com servers. For Isilon, simply have the customer change the root password. EMC support would need to use the root password in order to run more advanced troubleshooting commands. There is a "remotesupport" account on Isilon, though that only allows log gathering to occur over ESRS, so it is recommended to leave that enabled. I'm not sure that addresses your questions?