Description

This patch restricts the communication protocol to TLSV1.2 and discontinues support for the TLSV1.0 and TLSV1.1 protocols in StoreVirtual OS 13.6.

Versions

  • HPE StoreVirtual OS 13.6 patch 136-001-00

  • StoreVirtual Management Console 13.6

Update recommendation

Critical

As a best practice, Hewlett Packard Enterprise recommends upgrading software during times of non-peak activity to minimize any potential application impact.

Prerequisites

  • Before you install this patch, ensure that the browser (from where the StoreVirtual Management Console (SVMC) is accessed) supports the TLSV1.2 protocol.

  • Before you apply this patch, use StoreVirtual OS 13.6 system's controller IP for SVMC if the management group consists of the storage system with StoreVirtual OS versions 13.5 and 13.6.

  • Apply this patch on the HPE StoreVirtual Failover Manager (FOM) before adding the FOM to a scale-out management group.

Product Models

  • HPE StoreVirtual 3200
  • HPE StoreVirtual 3200 FC

Platforms

  • HPE StoreVirtual Failover Manager for VMware vSphere
  • HPE StoreVirtual Failover Manager for Microsoft Hyper-V

Fixes

For StoreVirtual OS 13.6, this patch restricts the communication protocol to TLSV1.2 and discontinues support for the TLSV1.0 and TLSV1.1 protocols.
NOTE:

Follow these guidelines to enable TLS protocol version 1.2 in your Microsoft System Center environment:

To make TLSV1.2 compatible in a Microsoft System Center 2012 R2 environment, follow the guidelines at: https://support.microsoft.com/en-in/help/4055768/tls-1-2-protocol-support-deployment-guide-for-system-center-2012-r2

To make TLSV1.2 compatible in a Microsoft System Center 2016 environment, follow the guidelines at: https://support.microsoft.com/en-us/help/4051111/tls-1-2-protocol-support-deployment-guide-for-system-center-2016

Known issues

If remote support is enabled, the security scans can flag the Axeda Deployment port 3031 as vulnerable. This is because the Axeda port 3031 allows communication over all the protocols (SSLV3, TLSV1, TLSV1.1, and TLSV1.2).

Workarounds

  • After applying this patch, certain security scans may indicate port 3031 as vulnerable. This port provides remote support functionality.

  • In future, remote support will not be a StoreVirtual 3000 Storage feature. When available, apply this patch to disable remote support. Port 3031 will no longer indicates vulnerability.

  • For more information about remote support, see the customer notice HPE StoreVirtual 3000 Storage – End of Remote Support Functionality and Closure of HPE StoreFront Remote Portal available at the following website:

    https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00041480en_us

Installation instructions

Storage system reboot required: Yes

Storage services restart required: No

  1. Log in to the StoreVirtual Management Console (SVMC) on the system you want to update.

  2. On the main menu, select Software Updates.

  3. Select Actions > Install on the content pane.

  4. Select Patches.

  5. Select the patch you want to install.

  6. Click View volume availability.

    1. On the View Volume Availability dialog box, review the list of volumes and snapshots that will be unavailable during the update (if applicable).

    2. Be sure to stop all applications connected to the affected volumes or snapshots and log off those connections before continuing.

    3. When ready, click Close on the View Volume Availability dialog box.

  7. On the Install window, select the check box for I have reviewed client and the volume availability information (click links below) and taken any necessary actions that are required and am ready to install the software. The Install button will not become active until you select this check box.

  8. To proceed with the update, click Install.

    After you click Install, the Tasks window appears so you can monitor the progress of the update.

Support contacts

  • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website:

    http://www.hpe.com/assistance

  • Receive support alerts announcing product support communications, driver updates, software releases, firmware updates, and customer replaceable component information, in your email by signing up at: http://www.hpe.com/support/e-updates

Documentation feedback

Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title, part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.