Several options are available to help you maintain storage system security.
| Option | Description |
|---|---|
| trusted.hosts | Specifies up to five hosts that are allowed Telnet, RSH and administrative HTTP (FilerView) access to the storage system for administrative purposes. The default is set to an asterisk (*), which allows access to all storage systems. This value is ignored for Telnet access if the telnet.access option is set. It is also ignored for administrative HTTP access if the httpd.admin.access option is set. |
| telnet.access | Controls which hosts can access the storage system through a Telnet session for administrative purposes. You can restrict Remote Shell access to the storage system by specifying host names, IP addresses, or network interface names. If this value is set, the trusted.hosts option is ignored for Telnet. |
| rsh.access | Controls which hosts can access the storage system through a Remote Shell session for administrative purposes. You can restrict Remote Shell access to the storage system by specifying host names, IP addresses, or network interface names. |
| nfs.mount_rootonly | Controls whether the storage system’s volumes can be mounted from NFS clients only by the root user on privileged ports (ports 1 through 1,023) or by all users on all ports. This option is applicable only if the NFS protocol is licensed. |
| wafl.root_only_chown | Controls whether all users or only the root user can change directory and file ownership. This option is applicable only if the NFS protocol is licensed. |
| cifs.restrict_anonymous | Controls whether anonymous CIFS users can look up CIFS shares, users, or groups on a storage system. This option is applicable only if the CIFS protocol is licensed. |
For more information about the options in this table, see the na_protocolaccess(8) man page.