2. What type of encryption is used to secure traffic between the management entities? They may use SSL, SSH and...
in certain environments VPN/IPSec may help.
3. How the encryption keys are stored and secured?
4. How the secrets (e.g. passwords) are secured while in storage?
5. What kind of access control (RBAC etc.) is supported?
Remember that the management network has several components -- and you want to probe the security for each component: managed entity (switches, ports, etc.), management server, management admin workstation and the network over which they are connected. Also, the traffic may traverse over Fibre Channel (FC) or IP -- you need to address both.
There is a lot you, as the end user, can do. For starters, keep the corporate network and the storage management network separate.
Related Q&A from Vijay Ahuja
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.