Oracle ZFS Storage Appliance Security Overview
NFS Authentication and Encryption Options
Active Directory (AD) Domain Mode Authentication
Administrative Operations via the Microsoft Management Console (MMC)
Delay Engine for Timing Attacks
Hypertext Transfer Protocol (HTTP)
Network Data Management Protocol (NDMP)
SSH File Transfer Protocol (SFTP)
FTP allows file system access from FTP clients. The FTP service does not allow anonymous logins and users must authenticate with the configured name service.
FTP supports the following security settings. These settings are shared for all file systems for which the FTP protocol access is enabled:
Enable SSL/TLS - Allows SSL/TLS encrypted FTP connections and ensures that the FTP transaction is encrypted. This is disabled by default.
Permit root login - Allows FTP logins for the root user. This is off by default because FTP authentication is with plain text, which poses a security risk from network sniffing attacks.
Maximum number of allowable login attempts - The number of failed login attempts before an FTP connection is disconnected, and the user must reconnect to try again. The default is 3.
Logging level - The verbosity of the log.
FTP supports the following logs:
proftpd - FTP events including successful and unsuccessful login attempts
proftpd_xfer - File transfer log
proftpd_tls - FTP events related to SSL/TLS encryption