1 Understanding the threat
Before you start to harden your SUSE Enterprise Storage cluster, you need to consider the threat landscape you are trying to control.
Depending on your exposure, you will need to invest at different levels. Using SUSE Enterprise Storage to provide storage on an internal network to a well-known group of employees calls for different measures than deploying a cluster in a setting where arbitrary internet actors can access it, for example as the storage solution in a public cloud offering.
Make this assessment as a first step, because it provides a set of guidelines on how much effort you need to invest to reach the level of security you need.
If you have a mature IT security landscape, you should already have policies and standards that you can use to guide you here. You need to have a threat model for the planned system and implement the measures that you find necessary for your situation. Look to your CISO or a similar role for guidance on this. It is mandatory to understand the potential threats and security requirements before you continue.
Without a threat model, you run the risk of not investing enough, or you might spend more on securing a resource than you should. A good approach to this is described in the OWASP Threat Modeling Cheat Sheet.