- Notes, cautions, and warnings
- Introduction
- Linux
- Overview—deployment steps and options
- Preparation for deployment
- Download installation packages—Linux
- Deploying PowerFlex with SELinux
- Prepare server operating systems for support of large-scale systems (up to 2048 SDCs)
- Prepare the DAX devices
- Install and configure the PowerFlex Gateway
- Install PowerFlex Gateway on Linux
- Install PowerFlex Gateway on Windows
- Configure PowerFlex Gateway properties
- Advanced and optional PowerFlex Gateway tasks
- Install the PowerFlex Gateway without assigning an admin password
- Reset PowerFlex Gateway password
- Store Tomcat's keystore password in the lockbox
- PowerFlex Gateway installation with a custom Java configuration
- Install Java on SUSE 12 servers
- Certificate management for PowerFlex Gateway
- Using SSH authentication on the PowerFlex Gateway
- Preparation tasks for SLES, Oracle Linux and Ubuntu
- Prepare the CSV file
- Clean the PowerFlex VMware environment
- Deploying PowerFlex using a non-root user
- Configure the OpenStack Nova Compute service
- Deploy PowerFlex
- Installation wizard
- Customizable installation using CSV file—hyper-converged system
- Customizable installation using CSV file—two-layer system
- Log in and upload installation packages
- Upload the CSV file
- Start the customized installation
- Complete the customized installation—two-layer system backend
- Install SDC on frontend servers
- Install the PowerFlex presentation server
- SDC (scini) driver configuration for SELinux
- Add components to a PowerFlex system—Linux
- VMware ESXi
- Overview—deployment steps
- Preparation for deployment
- Deploy PowerFlex using the vSphere PowerFlex plug-in
- Manually deploy PowerFlex on ESXi servers
- Manual Deployment of VxFlex OS on ESXi Servers
- Deploying the PowerFlex storage virtual machine (SVM)
- Manually install PowerFlex components on the SVMs
- Register the vSphere PowerFlex plug-in
- Install SDC on an ESXi server using the vSphere PowerFlex plug-in
- Install the SDC on an ESXi-based server and connect it to PowerFlex using esxcli
- Manually remove a VIB file from an ESXi host
- Add components to a PowerFlex system—ESXi
- PowerFlex Installer REST API
- PowerFlex VASA
- Post-deployment tasks
Deploy Dell PowerFlex v3.6.x
Configure ESXi security settings
Before deploying PowerFlex systems, you must configure some VMware security features. This procedure describes how to perform the security configurations using the vSphere web client.
Prerequisites
- IP address of VMware vCenter server
- User name and password for accessing the vCenter with the vSphere Web Client
About this task
NOTE: Ensure that the remote connection is established within 1 to 2 minutes. Otherwise, lockdown mode is enabled on the ESXi servers, preventing you from subsequent remote connectivity. When in lockdown mode, you can connect to the ESXi servers locally.
Steps
- Log in to the vSphere web client.
The vSphere Web Client window is displayed with Navigator and Home panes. The Navigator pane displays network entities as nodes, and the Home pane displays network entities as icons.
- In the
Navigator pane, select
.
Preconfigured hosts, clusters, and datacenters are displayed as navigation tree nodes, in the Navigator pane.
- Configure the security-related parameters:
- In the Navigator pane, select an ESXi server from a host, cluster, or datacenter node .
- From the
Manage tab, select
.
A list of system-defined parameters with predefined parameter values is displayed.
- In the
Search field, find the following security parameters:
- Set Security.AccountLockFailures = 0
The parameter value defines the maximum number of failed login attempts allowed, before locking out the user's account. The zero (0) value disables account locking.
NOTE: To disable the locking out of user accounts, the parameter value must be set as zero (0). - Set Security.AccountUnlockTime =
1 (in seconds)
The parameter value defines the duration in seconds to lock out a user's account, after exceeding the maximum number of allowed failed login attempts.
NOTE: For ease of operation, it is recommended that the parameter value be set as 1 or 2 seconds.
- Set Security.AccountLockFailures = 0
- If required, click Edit and update the security parameter values.
- Configure the
Lockdown Mode parameter:
- From the Manage tab, select .
- Scroll to the Lockdown Mode pane and verify the value of the Lockdown Mode parameter.
- Verify that
Lockdown Mode is set to
Disabled.
If Lockdown mode is not disabled, click Edit and change the parameter value to Disabled.
- Configure the SSH parameter:
- From the Manage tab, select .
- Scroll to the
Services pane and verify the SSH option.
- SSH must be running. If SSH is stopped, change its status to
Running:
- In the Services pane, click Edit.
- In the
Edit Security Profile dialog boc, select the SSH parameter.
The SSH status is Stopped.
- Click
Start.
The SSH status changes to Running.
- Click
OK
SSH status changes to Running.
- Restart the management service or restart the server.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\