Solved

Security best practices guide or white paper for Commvault environments

  • 8 February 2021
  • 9 replies
  • 3089 views

Badge +3

Hello everyone,

I would like to know if exist a new version of the document called Security Best Practices Increasing the Security of the Commserve. 

Please take a look to the attach file.

Many thanks.

Juan.

 

 

icon

Best answer by DMCVault 8 February 2021, 17:15

View original

9 replies

Badge +3


Thanks @SysadminStephanie , maybe I missing a specific document about Security concerns or advice into Commvault environment.

Userlevel 1
Badge +3

@cosojuan  We used to have this whitepaper linked in our docs, but now we integrate the content into our docs directly. 

In the ransomware documentation it will walk through the various components of hardening against ransomware https://documentation.commvault.com/commvault/v11_sp20/article?p=7877_1.htm . 

Also this is a fresh topic internally - we are working on a ton of new documentation with better context and deeper recommendations.  You will see quite a bit of changes in this section in the near future.  

One very important addition is CIS hardening.  If you are looking at general hardening recommendations, I would highly recommend taking a look at our CIS based hardening guides here : https://documentation.commvault.com/commvault/v11_sp20/article?p=110316.htm  .  We validated level-1 controls, and they can be applied per the recommendations.

 

 

The hardening against ransomware article is good, but… from it you can link to ‘Securing the CommServe Database’ to ‘Securing the CommServe Computer’ to  ‘Limiting access to the Software Installation’… Don’t do that.   

 

Badge +3

​ Many thanks to @DMCVault  and everyone for your advice regarding security concerns ​

Userlevel 7
Badge +23

Thanks, @DMCVault!  Great to hear!

Userlevel 5
Badge +8

@cosojuan  We used to have this whitepaper linked in our docs, but now we integrate the content into our docs directly. 

In the ransomware documentation it will walk through the various components of hardening against ransomware https://documentation.commvault.com/commvault/v11_sp20/article?p=7877_1.htm . 

Also this is a fresh topic internally - we are working on a ton of new documentation with better context and deeper recommendations.  You will see quite a bit of changes in this section in the near future.  

One very important addition is CIS hardening.  If you are looking at general hardening recommendations, I would highly recommend taking a look at our CIS based hardening guides here : https://documentation.commvault.com/commvault/v11_sp20/article?p=110316.htm  .  We validated level-1 controls, and they can be applied per the recommendations.

 

 

Userlevel 7
Badge +21


A small issue with the new community?

 

 'https://community.commvault.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

When getting the url from the console, I can open it of course, but I don’t think this is expected behavior? :)

@Mike Struening ?

 

Also working for me (without logging in). Looks like it could be some security policy on your side @Bart : “'https://community.commvault.com' has been blocked by CORS policy”

 

@cosojuan - While we are waiting for Mike, I had a discussion with one of the product managers that handles security on our side, I believe there is a major rework coming to the documentation site where they will fold in an updated version of all this, integrated rather than a PDF. But lets see what Mike comes back with.

Badge +3

@Mike Struening thank you!

Userlevel 7
Badge +23

Hey, @Bart !  I just opened it on my phone (had to acknowledge a pop up) but I’m also an admin so I don’t want to rule anything out just yet. I’ll test with other accounts and see. 
 

@cosojuan , let me reach out to some folks internally and see what’s available or coming. 

Userlevel 6
Badge +13

Hi,

I’m not the smartest person on this world, I know, but how do I open that attachment? :)
If I click on it, nothing happens, giving the following error in the console. 
A small issue with the new community?

 

Access to XMLHttpRequest at 'https://attachments-eu-west-1.insided.com/80a7afb8-d5d9-4f04-8876-9ae94613c4b8/Commcell%20Security%20Best%20Practices.pdf?Expires=1612791377&Signature=nkGU1hwKr1una3139GOY~Goex8sfBra3kK2ryBJ85eFGacBBFvskbHwKxsOhCJrMCDwzzL98dYs6TE~nnOqiNjDGqjMMzBOcB3M041FebRAF3ivYQi7Pqovqc8PMA~4qz82Q8bHp9mdZlBV~tXiHO9UQ08~lx83EH4f2Ym3aCCd-ChznazqoeVJLsDYiKoeypvwrNElhKUER7RPkiRBzLSGK2CNorlMc6CujzbKVQhj0FXITUY4RkvTQvyezJib-xpJ2tC6mTG6iAU8x5etc4lHZ~hXSCA5xi03FPw4fHQYaNiWDOiG8FnpOBablCwx3M2ER3BRfiVJnXigTc1XEKg__&Key-Pair-Id=APKAJODP2KXSV47YM4AA' from origin 'https://community.commvault.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

When getting the url from the console, I can open it of course, but I don’t think this is expected behavior? :)

@Mike Struening ?

 

Reply