Abstract
HP Integrated Lights-Out (iLO) is the autonomous management processor that resides on the system
board of ProLiant and Integrity host servers. HP built security features into iLO using multiple layers
that encompass the hardware, firmware, communication interfaces, and deployment capabilities. The
intent of this technology brief is to inform readers about the design of iLO itself and how it ensures
security. This paper describes the mechanisms that iLO uses to ensure authorization, authentication,
privacy, and data integrity. Also described here are the utilities or services providing access points
into iLO or its host system, and how the iLO design mitigates access risks. A brief summary of specific
security recommendations can be found at the end of the paper.
The intended audience for this paper is engineers and system administrators familiar with Lights-Out
technology. The iLO security features described in this paper reflect the release of iLO 2 v1.60 and
iLO v1.91. This document supports both iLO devices; however, certain functions described herein
may only be supported on one and not the other. A designation of “iLO only” or “iLO 2 only”
indicates that the function is exclusive to that device. iLO firmware is backward-compatible. For
example, the latest versions of iLO 2 firmware support any iLO 2 processor. For consistency and best
feature support, HP recommends using the latest version of iLO 2. If no designation is present, then
the function is supported on both devices. The paper is not applicable to the LO-100 processors
found in ProLiant 100-series servers.
Additional information about the iLO processor and feature sets for particular iLO 2 and iLO products
is available on the HP website at www.hp.com/go/iLO. A glossary in the appendix includes some
common computing acronyms not defined in the text.
Introduction
Information technology (IT) administrators must plan for security across the IT infrastructure. Because
Integrated Lights-Out (iLO) management processors have such powerful capabilities to modify a
computer setup, it is important to have strong security surrounding the iLO device. HP carefully
considered security requirements of the enterprise and designed iLO to include authentication,
authorization, data integrity, and privacy.
Authentication means determining who is at the other end of the network connection. The iLO processor
incorporates authentication techniques through 128-bit Secure Socket Layer (SSL) encryption.
Authorization refers to determining whether the user attempting to perform a specific action has the
right to perform that action. Using local accounts, the iLO processor offers administrators the ability to
define up to 12 separate users and to vary the server access rights of each. The directory services
capabilities of iLO allow administrators to maintain network user accounts and security policies in a
central, scalable database that supports thousands of users, devices, and management roles.
Data integrity refers to verifying that no one has altered incoming commands or data. The iLO
processor incorporates digital signatures and trusted Java™ and ActiveX applets (used by the
Integrated Remote Console) to verify the integrity of data.
Privacy refers to confidentiality of sensitive data and transactions. Examples of the privacy protection
used in iLO are the 128-bit SSL encryption of web pages and the RC4 encryption of remote console
and virtual serial port data.