Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell PowerFlex v3.6.x Security Configuration Guide

PDF

Network encryption

The PowerFlex system performs network encryption for its different components.

The PowerFlex Installer client, CLI client, PowerFlex GUI client, vSphere plug-in, and PowerFlex Gateway (REST) use TLSv1.2—after authentication, communication between the MDM and external components is performed using TLSv1.2 (Transport Layer Security) protocols. The same method is used between the PowerFlex Installer client and LIAs. For more information, see "Security" in the Configure and Customize Dell PowerFlex.

PowerFlex Gateway (REST) certificate validation—the OpenStack PowerFlex driver communicates with the PowerFlex Gateway through https, (over TLSv1.2). By default, the driver ignores verification of the PowerFlex Gateway’s TLSv1.2 certificate, but it can verify the certificate if the following configuration parameters are defined:

  • verify_server_certificate—set to True, if the server’s certificate must be verified, and to False if no verification is required.
  • server_certificate_path—If the parameter verify_server_certificate is set to True, specify the location of the .pem file containing the server’s certificate.

For instructions for generating a self-signed certificate using Keytool, see the section "Generate a self-signed certificate using the keytool utility" in the Deploy Dell PowerFlex .

The following encryption methods are approved for use with your system:

  • MDM supported ciphers :
    • TLS_RSA_WITH_AES_128_GCM_SHA256
    • TLS_RSA_WITH_AES_256_GCM_SHA384
  • PowerFlex Gateway supported ciphers (to the MDM):
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_RSA_WITH_AES_256_GCM_SHA384
    • TLS_RSA_WITH_AES_128_GCM_SHA256
  • PowerFlex presentation server supported ciphers (to the MDM):
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_RSA_WITH_AES_256_GCM_SHA384
    • TLS_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_RSA_WITH_AES_256_GCM_SHA384
    • TLS_RSA_WITH_AES_128_GCM_SHA256

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\