TR-4401: PCI DSS 3.0 and Clustered Data ONTAP 8.3
This technical report provides guidance and information that auditors and system operators will find useful in applying the Payment Card Industry (PCI) Data Security Standard (DSS) requirements to a storage system that runs the clustered Data ONTAP operating system.
If you want more generalized security recommendations around clustered Data ONTAP, such as RBAC, network isolation, firewalls, logging, keys, etc. then check this TR out:
TR-4393: Clustered Data ONTAP Security Guidance
This document provides a set of practical recommendations to enhance the security of a clustered Data ONTAP system. Note that the protection of user data itself is primarily the responsibility of the appropriate SAN and NAS protocols and configurations. These are secure by default and need little configuration and provide data confidentiality. Therefore, this document focuses on securing the system itself by focusing on administrative interfaces and services. It is intended to reinforce the integrity and availability of a clustered Data ONTAP system in a typical data center environment.