ManualsPro Dell DELL EMC Repository Manager User Guide

DELL EMC Repository Manager User Guide

June 9, 2024
Dell

DELL EMC Repository Manager

DELL-EMC-Repository-Manager-PRODACT-IMG

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

PREFACE

As part of an effort to improve its product lines, Dell EMC periodically releases revisions of its software and hardware. Some functions that are described in this document might not be supported by all versions of the software or hardware currently in use. The product release notes provide the most up-to-date information about product features. Contact your Dell EMC technical support professional if a product does not function properly or does not function as described in this document. This document was accurate at publication time. To ensure that you are using the latest version of this document, go to https://www.dell.com/support.

Legacy disclaimers

The information in the publication is provided as-is. Dell Technologies makes no representations or warranties of any kind regarding the information in the publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. In no event shall Dell Technologies, its affiliates or suppliers, be liable for any damages whatsoever arising from or related to the information contained herein or actions that you decide to take based thereon, including any direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell Technologies, its affiliates or suppliers have been advised of the possibility of such damages. The Security Configuration Guide intends to be a reference. The guidance is provided based on a diverse set of installed systems and may not represent the actual risk/guidance to your local installation and individual environment. It is recommended that all users determine the applicability of this information to their individual environments and take appropriate actions. All aspects of this Security Configuration Guide are subject to change without notice and on a case-by-case basis. Your use of the information that is contained in this document or materials that are linked herein is at your own risk. Dell reserves the right to change or update this document in its sole discretion and without notice at any time.

Scope of the document

  • This document includes information about security features and capabilities of Dell EMC Repository Manager (DRM).

Audience

  • This document is intended for individuals who are responsible for managing security for Dell EMC Repository Manager.

Revision History

  • The following table presents the revision history of this document.

Table 1. Revision History

Revision Date Description
A00 February 2022 Initial release of the Dell EMC Repository Manager 3.4.0

Security Guideline Document

Document References

In addition to this guide, you can access the other guides available at dell.com/support. Dell EMC Repository Manager supports creating artifacts to update services for Dell systems using Dell System Update, Bootable ISO, and Server Update Utility Update. For configuration related information, see DSU, Bootable ISO and SUU User’s Guide. For more information, see Dell EMC Repository Manager Software Support Matrix. Go to support site, click product support -> Dell EMC Repository Manager to access the following documents:

  • Dell EMC Repository Manager Version 3.4.0 User’s Guide
  • Dell EMC Repository Manager Version 3.4.0 Release Notes
  • Dell EMC Repository Manager Software Support Matrix

Security resources

Getting help

  • Contact your Dell EMC technical support professional if a product does not function properly or does not function as described in this document. This document was accurate at publication time. To ensure that you are using the latest version of this document, go to dell.com/support

Reporting security vulnerabilities

  • Dell EMC takes reports of potential security vulnerabilities in our products very seriously. If you discover a security vulnerability, you are encouraged to report it to Dell EMC immediately. For the latest on how to report a security issue to Dell, please see the Dell Vulnerability Response Policy on the Dell.com site.

Topics

  • Terms used in this document

Terms used in this document

Table 2. Terms used in this document

Terminology Description
DRM Dell EMC Repository Manager
DUP Dell EMC Update Package
SUU Server Update Utility
DSU Dell EMC System Update
iDRAC Integrated Dell Remote Access Controller
OMEnt OpenManage Enterprise
OMIVV OpenManage Integration for VMWare VCenter
OMIMSSC OpenManage Integration for Microsoft System Center

Deployment models

Dell EMC Repository Manager can be installed on the supported Microsoft Windows and Linux operating systems to generate the artifacts that can be used to deploy and upgrade the system. For more information about the installation, see Dell EMC Repository Manager User’s Guide and Quick Installation Guide at dell.com/support.

Topics

  • Security profiles

Security profiles

DRM has a default security profile for secure HTTPS access with a self-signed certificate during installations. The downloaded artifacts such as DUPs, catalogs, and plugins are signed by Dell.

Product and subsystem security

Topics

  • Security controls map
  • Authentication
  • Login security settings
  • User and credential management
  • Password Complexity
  • Network security
  • Data security
  • Auditing and logging
  • Serviceability
  • Product code integrity

Security controls map

The Dell EMC Repository Manager (DRM) is an application within the Dell OpenManage portfolio that allows IT Administrators to manage system updates. Dell Repository Manager provides a searchable interface that is used to create custom software collections, which are known as bundles and repositories of Dell Update Packages (DUPs). These bundles and repositories allow for the deployment of multiple firmware updates at once. The DRM User Interface (UI) interacts with the DRM service through HTTPs protocol. Dell EMC Repository Manager (DRM) interacts with downloads.dell.com to download the DUPs, Catalogs, and other artifacts such as plugins and DRM updates through HTTPs protocol. DRM interacts with various consoles such as iDRAC and OME to collect inventory information over the HTTPs protocol. This protocol is the only supported way to connect to the various consoles. Also, DRM interacts with any network or file share through CIFS or SMBv2 protocols.
The following figure displays the DRM security controls map:

DELL-EMC-Repository-Manager-FIG-1

As the diagram depicts, DRM interacts with downloads.dell.com through HTTPS protocol and with the network share through the CIFS/SMBv2.

Authentication

Access control

  • Dell EMC Repository Manager functions as a service which requires minimum privileges for Windows (Windows services) and Linux users (read or write access to drmusers) on a system to run and perform all the operations.

Login security settings

Remote connection security

  • DRM uses open-source library for remote connection using CIFS/SMBv2 and does not log the credentials mentioned for connections.

User and credential management

  • Dell EMC Repository Manager stores all the user credentials in a database with an encrypted format. The database is password protected that user provides during the installation. The password can be modified by an administrator or a user with the administrative privileges. All the traffic between the User interface (UI) and the service are managed using HTTPs.

Password Complexity

  • DRM Database password must contain at least eight characters that has at least one character each in upper case, lower case, integer, and special character.

Network security

  • DRM supports only HTTPs connection to connect downloads.dell.com, and then download the catalogs, DUPs, and plugins. These artifacts are signed by Dell.
  • DRM performs SHA 256 hash verification and PGP sign verification for all the downloaded artifacts.

Outbound ports

  • Outbound ports are used by Dell EMC Repository Manager Update when connecting to a remote system.
  • The table below lists the DRM outbound ports.

Table 3. Outbound ports

Port number Layer 4 Protocol Service
80 TCP HTTP
139 or 445 TCP SMB/CIFS
Port number Layer 4 Protocol Service
--- --- ---
80 TCP HTTP
139 or 445 TCP SMB/CIFS

Data security

  • DRM stores all sensitive information, such as passwords, in databases in an encrypted format. DRM uses certificates for secure HTTP access (HTTPS). DRM installs a java store and uses a self-signed certificate to secure HTTPS transactions.
  • DRM database is protected by a password that is provided by the user during the installation phase. This password is stored in an encrypted format in a file that is locked using another layer of password. The password that locks the file is generated randomly and varies according to various system parameters.

Auditing and logging

DRM creates log and stores in the working directory. The log files size between 1 MB to 10 MB. For more information about Troubleshooting, or Log files, see the Dell EMC Repository Manager User’s Guide available at dell.com/support.

Serviceability

  • The support website https://www.dell.com/support provides access to licensing information, product documentation, advisories, downloads, and troubleshooting
  • information. This information helps you to resolve a product issue before you contact support team.
  • Special login is not required to enable DRM for service personnel.
  • Ensure that you install security patches and other updates when available, including the Dell Repository Manager updates.

Product code integrity

  • The Dell EMC Repository Manager installer is signed by Dell. It is recommended that you verify the authenticity of the Dell EMC Repository Manager installer signature.

Miscellaneous configuration and management

Topics

  • Dell EMC Repository Manager licensing
  • Protect authenticity and integrity

Dell EMC Repository Manager licensing

  • DRM has open-source approval for internal dependencies and is installed with the application on the box. It can also be found at https://opensource.dell.com/releases/drm/. For more information about licensing of Dell EMC Repository Manager, see the Dell EMC Repository Manager User’s Guide available at dell.com/support.

Protect authenticity and integrity

  • To ensure the integrity of product, the installation and update of components for Dell EMC Repository Manager are signed.

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual  >>

Dell User Manuals

DELL Latitude E7240-E7440 Series Backlit Laptop Keyboard Instruction Manual
Dell
Dell OptiPlex 5000 Tower Desktop Computer Owner’s Manual
Dell
DELL G15 5520 GPU Gaming Laptop User Guide
Dell
DELL 2200MP Micro Portable Projectors Instruction Manual
Dell
DELL WR110 Universal Pairing Receiver User Guide
Dell
DELL Inspiron 15 3520 Portable Laptop User Guide
Dell
Dell 163TJ 1610HD Projector User Guide
Dell
DELL Precision 7670 Portable Laptop User Guide
Dell
DELL XPS 9315 Portable Laptop User Guide
Dell
DELL WM514 Wireless Mouse Owner’s Manual
Dell
Dell OptiPlex 7400 All-in-One Desktop User Manual
Dell
DELL XPS 15 9530 HD Touchscreen Laptop User Guide
Dell
DELL Latitude 5521 Laptop User Guide
Dell
Dell EMC PowerEdge R650 Instruction Manual
DELL EMC
Dell E74S001 PowerEdge R450 User Guide
Dell
DELL EMC PowerEdge XR12 Rack Server Instruction Manual
DELL EMC
DELL OptiPlex 5090 Small Form Factor User Guide
Dell
DELL Latitude 7220 Rugged Extreme Tablet User Guide
Dell
DELL Inspiron 16 7630 2 In 1 Laptop User Guide
Dell
DELL OptiPlex Micro Plus 7010 Desktop PC User Guide
Dell

Related Manuals

KAERCHER WB Brush Cleaning Devices Instruction Manual
kaercher
cameo CLF2FCPO Professional High-Power Fresnel with RGBW LED User Manual
cameo
GreenForest DENNIS-L-SY Folding Desk Small Rolling Desk with Storage Shelf Instruction Manual
GreenForest
KEYSIGHT U1271A Handheld Digital Multimeter User Guide
KEYSIGHT
EVOCHARGE iEVSE 32 Amp Wi-Fi Charging Station Installation Guide
EVOCHARGE
BZBGEAR BG-SMB-5M USB Bluetooth Speaker and Speakerphone User Manual
BZBGEAR
3744591 Garden Solar Powered Lampposts User Manual
Solar
EUROtops S0620 Wireless Weather Station Forecast Plus Instruction Manual
EUROtops
Filter Commercial Grade 1000 GPD Reverse Osmosis System Instruction Manual
Filter
COZY N SAFE EST-259 Hood i-Size Child Car Seat Instruction Manual
COZY N SAFE
MD SPORTS DH44109 Device Database Instruction Manual
MD SPORTS
peopleforbikes Nebraska’s Electric Bicycle Law Instructions
peopleforbikes
VIVOTEK IP7161 Network Camera Installation Guide
Vivotek
HOME HM-CG-B107SS Contact Grill User Manual
home
Volantexrc P-51D 400mm 4-Inch Beginner RC Warbird Plane User Manual
Volantexrc
Apps CloudEdge App Instructions
APPs
IKEA 605.451.21 BACKSJÖN Double Wash Basin Instructions
Ikea
ventev VenFlex Mount Installation Guide
ventev
KON AR HD90439INVIH Refrigerator User Manual
KON AR
BRAUN Silk-epil 5 Legs and Body Epilator Instruction Manual
Braun
Migatronic 50119032 A FOCUS ADF Welding And Grinding Helmet Installation Guide
Migatronic
Acer Halo Smart Speaker HSP3100G User Guide
Acer
Paul Neuhaus 829354 Q-MATTEO LED Wall Light Instructions
Paul Neuhaus
Hamilton Beach 62636 Electric Hand Mixer Instruction Manual
Hamilton Beach
ADD OFFROAD 21+ FORD RAPTOR Phantom Rear Bumper Installation Guide
ADD OFFROAD
electori BO440 Head-worn Omni-directional Microphone User Guide
electori
SILICON LABS 32-bit MCU SDK 6.5.0.0 GA Gecko SDK Suite Instruction Manual
SILICON LABS
MOB MO6301 Stainless Steel Lunch Box User Manual
MOB
ring BHASC081 Pro Battery Stick Up Cam User Guide
Ring
Whirlpool Dryer User Manual
Whirlpool
Contact Us   Privacy Policy   6.205ms