Jon Ruback and Yaniv Valik

Validating the Security Posture of Cohesity DataPlatform with StorageGuard

  • August 10, 2023
  • 4 min read

About Continuity™

Continuity™ provides the industry’s ONLY storage & backup security solution, to help you protect your most valuable data.

Read more

In today’s digital landscape, data management solutions have become a critical component of every enterprise’s operations. Cohesity DataPlatform stands out as a comprehensive data management solution that simplifies backup, recovery, and storage for businesses by consolidating and managing data across multiple sources and locations. However, the importance of ensuring the security of such platforms cannot be overstated. This is where StorageGuard comes into play, offering a comprehensive suite of security validation checks to help enterprises maintain a robust security posture for their Cohesity DataPlatform deployments.

The Need for Security Validation

With the ever-evolving threat landscape, enterprises must proactively identify and mitigate potential security vulnerabilities. While Cohesity DataPlatform offers powerful data management capabilities, it’s crucial to ensure that the platform is configured securely to safeguard sensitive data and prevent unauthorized access. StorageGuard’s security validation checks are designed to provide enterprises with a systematic approach to assess and validate the security configuration of their Cohesity DataPlatform deployments.

Cohesity DataPlatform: Recommended Security Baseline Checks

StorageGuard’s security validation checks cover a wide range of system components, access controls, authentication mechanisms, encryption settings, monitoring configurations, and more. These checks are specifically tailored to ensure that Cohesity DataPlatform adheres to industry best practices and security standards. Here is a sample list of recommended security baseline checks that StorageGuard can assist enterprises in performing:

Access Control

  • Validate session timeout settings.
  • Ensure approved administrative users/groups are configured.
  • Verify the status of browsable shares.
  • Check file share ACL configurations.
  • Review allowlist settings.
  • Assess hardening status to ensure proper security measures are in place.
  • Validate Helios access levels.
  • Check for non-default local users.
  • Review remote access configuration settings.
  • Validate session limits to prevent resource exhaustion.
  • Verify SMB access based enumeration settings.

Authentication and Authorization

  • Review account lockout settings.
  • Validate AD domain configuration.
  • Verify authentication server configuration.
  • Review and enforce password complexity settings.
  • Check for proper role mapping through AD group mapping.
  • Review and ensure proper user role configurations.

Encryption and Malware Protection

  • Verify encryption settings.
  • Check for proper use of secure communication protocols.
  • Validate the status of antivirus scan and ransomware protection.
  • Review vulnerability scanning settings.

Monitoring and Alerts

  • Verify alert notification configurations, including email and SNMP.
  • Review backup-related alerts and anomaly alerts.
  • Validate remote support status and configurations.

Services and Protocols

  • Ensure access protocols are properly configured and hardened.
  • Validate HTTP, SNMP and other service configurations.

How StorageGuard Can Assist Enterprises

StorageGuard streamlines the process of security validation by automating the execution of these recommended security baseline checks. By leveraging StorageGuard’s capabilities, enterprises can benefit in several ways:

  1. Comprehensive Security Assessment: StorageGuard offers a comprehensive set of security validation checks that cover various aspects of Cohesity DataPlatform’s security configuration.
  2. Efficiency and Accuracy: Automation ensures that security checks are performed consistently and accurately, reducing the risk of human error and oversight.
  3. Time and Resource Savings: Automated checks significantly reduce the time and effort required for manual security audits, allowing IT teams to focus on other critical tasks.
  4. Proactive Security: StorageGuard enables enterprises to proactively identify and address security vulnerabilities before they can be exploited by malicious actors.
  5. Continuous Monitoring: Regular security validation checks can be scheduled, providing continuous monitoring of Cohesity DataPlatform’s security posture.
  6. Regulatory Compliance: StorageGuard helps enterprises adhere to industry regulations and compliance standards by ensuring that security configurations are in line with best practices.

The security of Cohesity DataPlatform is a crucial consideration for enterprises aiming to safeguard their valuable data assets. StorageGuard’s security validation checks offer an automated and efficient approach to assess and maintain the security posture of Cohesity DataPlatform deployments. By leveraging StorageGuard’s capabilities, enterprises can ensure that their data management operations remain secure, resilient, and compliant with industry standards.

Cohesity DataPlatform: Recommended Security Baseline Checks

Cohesity Common Vulnerabilities and Exposures (CVEs)

Talk To An Expert

It’s time to automate the secure configuration of your storage & backup systems.

We use cookies to enable website functionality, understand the performance of our site, provide social media features, and serve more relevant content to you.
We may also place cookies on our and our partners’ behalf to help us deliver more targeted ads and assess the performance of these campaigns. You may review our
Privacy Policy I Agree