Home > Storage > PowerMax and VMAX > Storage Admin > Implementing Dell SRDF SRA with VMware SRM > Introduction
SRDF SRA utilizes the installation of Solutions Enabler software on the SRM server to perform management operations on a Dell PowerMax storage array. This is frequently viewed as a potential security issue by storage administrators since unauthorized users could intentionally or unintentionally perform malicious activities. The security concern can be addressed by the use of Symmetrix Access Control Lists and/or Symmetrix Authorizations to manage access and control of the PowerMax storage arrays visible to the SRM server.
This chapter will discuss the minimum required rights necessary to allow the user to perform all of the operations required to fully use SRM. The first section will deal with Symmetrix Access Control Lists (host-based security) and the second section will discuss Symmetrix Authorizations (user-based security).
It is important to note that the Symmetrix Access Control Lists and Authorizations are complementary pieces of security functionality that do not rely on or interact with one another. Therefore they can be implemented together or individually. Also note that use of these security features is OPTIONAL. While in many situations it is recommended, the use of any of these features is not required by the SRDF SRA.
Detailed discussions (initial implementation, best practices, etc.) of these security offerings are beyond the scope of this book. This book will also not discuss Role Based Access Control (RBAC) which is part of Unisphere for PowerMax and provides storage administrators a way to limit user access to storage groups. Readers should consult the array management documentation available at support.dell.com for further information.
Note: This discussion presumes all PowerMax arrays involved in SRDF replication will have security enabled. Therefore, security requirements for all arrays will be discussed. If, however, security is disabled on any arrays in the SRDF environment, they can be excluded from these requirements.