From HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide
Part of SRG-OS-000480-GPOS-00227
Associated with: CCI-000366
The organization must install security-relevant updates (e.g., patches, maintenance updates, and version updates). Due to the potential need for isolation of the storage system from automatic update mechanisms, the organization must give careful consideration to the methodology used to carry out updates.
Determine when the last update occurred, by entering the following command: cli% showpatch -hist The output fields are InstallTime Id Package Version Examine the InstallTime of the last entry in the output. If the last update occurred more than 3 months ago, verify on the vendor's website what the latest version is. If the current installation is not at the latest release, this is a finding.
The software update process must be performed by the vendor's support organization. Contact the vendor's support organization to determine if an update is available. Note: it is possible no update is currently available for the specific product model being evaluated. This is not an error. If an update is available, the support organization will use this process to install the software. Acquire the system update image on DVD media from the vendor's support organization. Power on the Service Processor, and apply its software update first. Perform an Attach operation between the Service Processor and the disk array. Then apply the software update to the 3PAR system. Perform a Detach operation between the Service Processor and the disk array, and power off the Service Processor.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer