Upcoming ESRS change activity – you may be impacted

Question

In order to maintain ESRS remote session support, EMC may contact you to request authorization to make a minor update to the ESRS software configuration. No action is required other than approval of this access request.

The existing certificates which validate the "handshake" between EMC and the ESRS solution in your infrastructure may be configured to expire on March 29, 2012. EMC’s Global Security Office (GSO) has issued new RSA root certificates that include the latest security features, which will replace the affected expiring certificates.

Please note, if the affected certificates are not updated by March 29, 2012, EMC Support personnel will lose ESRS remote session functionality used to remotely support your devices.

This change involves updating the list of trusted certificates and restarting ESRS. It is an entirely automated process, and the host operating system will not need to be restarted.

The following agent types and versions will require updates:

Symmetrix version 2.00.00.01
CLARiiON / VNX Management Station version 2.08.00.06
CLARiiON / VNX Management Station version 2.02.00.24
Gateway version 2.12.00.02
Gateway version 2.10.00.06
Gateway version 2.10.02.00
Gateway version 2.08.00.08
Gateway version 2.06.00.04
Gateway version 2.04.02.02
Gateway version 2.04.00.04
Gateway version 2.02.00.22

The following agent types and versions will not require updates:

Symmetrix version 2.00.10.00
CLARiiON / VNX Management Station version 2.08.10.00
CLARiiON / VNX Management Station version 2.02.10.00
Gateway version 2.14.00.02
Gateway version 2.12.10.00
Gateway version 2.10.12.00
Gateway version 2.08.10.00
Gateway version 2.06.10.00
Gateway version 2.04.12.00
Gateway version 2.04.10.00
Gateway version 2.02.10.00

For any questions, please contact your local service manager.

dynamox · Answer

Ben,

can you please describe the process of what customer needs to do ? If my ESRS infrastructure is configured to automatically accept request from EMC support, does it mean it will get updated automatically ?

thanks

BChused · Answer

That is correct - no action will be required on your end if you are configured to automatically approve requests for remote support sessions. All accounts with SAMs will also receive separate communications.

7aIqP6bgWz12064 · Answer

Hello Ben, 'Ask for approval' site will receive a session request to update and once customer approve it, then the update process will be completed automatically?  If we can know the date of its request on ahead for 'Ask for approval' customer it could be better. Thank you,

BChused · Answer

That is correct, the customer just needs to allow the remote support session request. Pushes will take place gradually throughout the quarter, so I am unable to provide a specific date the request will be issued.

Manabu_Ito · Answer

IHAC who has GW running agent version: 2.10.10.00. there is no description regarding as 2.10.10.00. 2.10.10.00 GW agent is requred to upgrade or not?

BChused · Answer

No upgrade required.

Manabu_Ito · Answer

Thanks

That is, GW version 2.10.10.00 meets GW version 2.x.10.x which is compliant. so, no upgrade required.

If we have another GW whose version is no listed above, we check the version of GW whether the agent meet 2.x.10.x or not.

The GW does not meet 2.x.10.x, we have to upgrade. Is it correct?

Manabu_Ito · Answer

For GW, version 2.10.12.00 is listed in 'do not require updates' section: this should be 2.10.10.00, as this is the cert updated version for base 2.10.00.06 GW version

BChused · Answer

Apologies, 2.10.10.00 should have been written in the initial list of versions that do not require updates. My understanding is that 2.10.12.00 should also remain in that list.

Secure Remote Services (ESRS)

Upcoming ESRS change activity – you may be impacted

Was this post helpful?