Lenovo Storage V series contains many components that use SSL/TLS, both as
clients and servers. The requirement to use only strong SSL/TLS ciphers
applies to both.
Open SSL and Java SSL on IBM Spectrum Virtualize
are configured to provide unlimited strength
encryption.
Table 1 defines
the system settings for the different security levels. When you are
configuring a new
Lenovo Storage V series system, the default security level is 1.
Table 1. Supported SSL/TLS security levels. Supported SSL/TLS security levels
| Security level |
Description |
Minimum security allowed |
| 1 |
Sets the system to disallow SSL version 3.0. |
TLS 1.0 |
| 2 |
Sets the system to disallow SSL version 3.0,
TLS version 1.0, and TLS version 1.1. |
TLS 1.2 |
| 3 |
Sets the system to disallow SSL version 3.0,
TLS version 1.0, and TLS version 1.1 and to allow cipher suites that
are exclusive to TLS version 1.2. |
TLS 1.2 |
Changing the setting for the SSL/TLS levels necessitates restarting
services that use the protocols (Tomcat, OpenPegasus, Curl, LDAP,
Perl library) and causes existing sessions to be terminated. This
action is desirable in that no session is left working on the old
security level. It might take a few minutes for services to become
usable again after you restart the services.
Note: Changing the system
security level might cause the web interface, CIM clients, and other
SSL/TLS clients to stop working. If any clients stop working, refer
to the related tasks section for troubleshooting information.
To learn more about the SSL/TLS security levels
and the list of ciphers that are supported by each security level,
see Security levels and supported security ciphers.