216
14.
Using the iLO security features
iLO security
To access the security features that you can configure with the iLO web interface, click Security in
the navigation tree.
General security guidelines
When you set up and use iLO, consider the following guidelines for maximizing security:
•
Configure iLO on a separate management network.
•
Do not connect iLO directly to the Internet.
•
Install an SSL certificate.
•
Change the password for the default user account.
•
Use an authentication service (for example, Active Directory or OpenLDAP), preferably with
two-factor authentication.
•
Disable protocols that you do not use (for example, SNMP or IPMI over LAN).
•
Disable features that you do not use (for example, Remote Console or Virtual Media).
•
Use HTTPS for the Integrated Remote Console.
Key security features
Configure iLO security features on the following web interface pages.
Access Settings
•
Enable or disable iLO interfaces and features.
•
Customize the TCP/IP ports iLO uses.
•
Configure authentication failure logging and delays.
•
Secure the BMC Configuration Utility.
iLO Service Port
Configure iLO Service Port availability, authentication, and supported devices.
Secure Shell Key
Add SSH keys to iLO user accounts to provide stronger security.
SSL Certificate
Install X.509 CA signed certificates to enable encrypted communications.
Directory
Configure Kerberos authentication and Directory integration.
You can configure iLO to use a directory to authenticate and authorize its users. This
configuration enables an unlimited number of users and easily scales to the number of iLO
devices in an enterprise. The directory also provides a central point of administration for iLO
devices and users, and the directory can enforce a strong password policy.
Summary of Contents for iLO 5
Page 6: ......
Page 27: ...21 ...
Page 67: ...61 ...
Page 117: ...111 Installing license keys iLO Federation group IMPORTANT Do not use this function ...
Page 140: ...134 More Information Configuring iLO access options ...
Page 258: ...252 5 The security message is displayed at the next login ...
Page 314: ...308 Reset iLO ...
Page 334: ......