Veritas NetBackup™ Appliance Security Guide
- About the NetBackup appliance Security Guide
- User authentication
- About user authentication on the NetBackup appliance
- About configuring user authentication
- About user name and password specifications
- User authorization
- Intrusion prevention and intrusion detection systems
- Log files
- Operating system security
- Data security
- Web security
- Network security
- Call Home security
- About AutoSupport
- About Call Home
- About SNMP
- Remote Management Module (RMM) I security
- STIG and FIPS conformance
- Appendix A. Security release content
NetBackup Appliance security release content
The following list contains the known security issues that were fixed and that are now included in this release of NetBackup appliance software:
The fix for Spectre Variant 2 (CVE-2017-5715) is disabled by default in this release because it adversely impacts appliance performance. The following describes the performance impact by appliance model and operation.
Table: Performance impact on appliance models with Spectre Variant 2 (CVE-2017-5715) disabled
May decrease as much as 25%.
May decrease as much as 33%.
May decrease as much as 30%.
May decrease as much as 21%.
May decrease as much as 27%.
An EEB is available for appliance release 3.1.2 that enables the fix for this variant. If you are more concerned with security than performance and would prefer to install the EEB, contact Veritas Technical Support.
The appliance software has been updated to the RHEL7.5 Kernel. Many packages and libraries have been updated that address the following security vulnerabilities: