This section gives an overview of Oracle's StorageTek SL150 Modular Tape Library and explains the general principles of tape library security.
StorageTek SL150 Modular Tape Library is a 19" rack mounted modular automated tape library by Oracle Corporation. It offers storage capacity for LTO tape cartridges, supports LTO Fibre Channel drives or SAS tape drives, and a bridged drive Fibre or SAS port control path through one of the installed tape drives. The SL150 v3.50 release has VPAT #6237 and #7171.
All tape library products are designed and documented for use within a controlled server environment with no general network or user access. This provides the best functionality and protection from compromise, both from the internet in general and from the internal entity operating the library.
The following principles are fundamental to using any product securely.
One of the principles of good security practice is to keep all software versions and patches up to date. The SL150 Firmware versions released since June 2012 are as follows:
Keep the library behind a data center firewall. The firewall provides assurance that access to these systems is restricted to a known network route, which can be monitored and restricted, if necessary. As an alternative, a firewall router substitutes for multiple, independent firewalls. Identifying the hosts allowed to attach to the library and blocking all other hosts is recommended where possible.
Oracle continually improves its software and documentation. Check this document every release for revisions.