Security Audits
Recent legislation may mandate periodic security audits. iLO maintains an event log of date- and time-stamped entries for events in the iLO configuration and operation. The log can be viewed manually on the System Status tab of the iLO browser interface, or retrieved for automated examination and parsing through XML commands (the RIBCL scripting interface). The retrieved entries can be parsed by date/time and by authenticated user to extract security-relevant events such as logins and configuration changes.
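The automated path described above, as an added example that is not code from the HP paper: a Python script that parses a RIBCL GET_EVENT_LOG reply and pulls out the entries an audit cares about, filtered by time window and by authenticated user. The request shape is the documented read-only RIBCL form; the reply is a hand-constructed sample (the attribute names SEVERITY, CLASS, INITIAL_UPDATE, LAST_UPDATE, COUNT and DESCRIPTION, and the wording of the DESCRIPTION strings, are assumptions about the format), and no connection to an iLO is made.

```python
"""Security-event extraction from an iLO event log fetched over RIBCL.
Added example, not HP code. SAMPLE_RESPONSE is constructed by hand and
modelled on the GET_EVENT_LOG reply; attribute names, users, addresses,
timestamps and message wording are assumptions."""
import re
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import datetime

# Read-only RIBCL request for the iLO Event Log (placeholder credentials).
# Delivering it to the iLO over HTTPS is outside this offline example.
GET_EVENT_LOG_REQUEST = """<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="adminname" PASSWORD="password">
<RIB_INFO MODE="read"><GET_EVENT_LOG /></RIB_INFO>
</LOGIN>
</RIBCL>"""

# Constructed reply. iLO answers with several XML documents in one stream,
# so the sample deliberately carries more than one <?xml ...?> declaration.
SAMPLE_RESPONSE = """<?xml version="1.0"?>
<RIBCL VERSION="2.22">
<RESPONSE STATUS="0x0000" MESSAGE='No error'/>
</RIBCL>
<?xml version="1.0"?>
<RIBCL VERSION="2.22">
<RESPONSE STATUS="0x0000" MESSAGE='No error'/>
<EVENT_LOG DESCRIPTION="iLO Event Log">
<EVENT SEVERITY="Informational" CLASS="iLO" LAST_UPDATE="03/14/2008 09:02" INITIAL_UPDATE="03/14/2008 09:02" COUNT="1" DESCRIPTION="Browser login: Administrator - 10.0.0.5(DNS name not found)."/>
<EVENT SEVERITY="Caution" CLASS="iLO" LAST_UPDATE="03/14/2008 09:10" INITIAL_UPDATE="03/14/2008 09:04" COUNT="6" DESCRIPTION="Browser login failure from 10.0.0.77(DNS name not found)."/>
<EVENT SEVERITY="Informational" CLASS="iLO" LAST_UPDATE="03/14/2008 09:15" INITIAL_UPDATE="03/14/2008 09:15" COUNT="1" DESCRIPTION="User added: backup by Administrator - 10.0.0.5."/>
<EVENT SEVERITY="Informational" CLASS="iLO" LAST_UPDATE="03/14/2008 09:16" INITIAL_UPDATE="03/14/2008 09:16" COUNT="1" DESCRIPTION="Remote console login: backup - 10.0.0.9(DNS name not found)."/>
<EVENT SEVERITY="Informational" CLASS="iLO" LAST_UPDATE="03/15/2008 02:30" INITIAL_UPDATE="03/15/2008 02:30" COUNT="1" DESCRIPTION="Global settings modified by backup - 10.0.0.9."/>
<EVENT SEVERITY="Informational" CLASS="iLO" LAST_UPDATE="03/15/2008 02:31" INITIAL_UPDATE="03/15/2008 02:31" COUNT="1" DESCRIPTION="Server power restored."/>
</EVENT_LOG>
</RIBCL>
"""

TIME_FMT = "%m/%d/%Y %H:%M"

# Audit-relevant description shapes, tried in order; the "<user> - <addr>"
# and "by <user>" forms are assumptions about iLO's message wording.
SECURITY_PATTERNS = [
    ("login_failure", re.compile(r"login failure", re.I)),
    ("login", re.compile(r"login: (?P<user>\S+) -", re.I)),
    ("user_change", re.compile(r"^User (?:added|deleted|modified): \S+ by (?P<user>\S+)", re.I)),
    ("settings_change", re.compile(r"settings modified by (?P<user>\S+)", re.I)),
]


@dataclass
class Event:
    severity: str
    kind: str            # a SECURITY_PATTERNS key, or "other"
    user: "str | None"   # authenticated user named in the entry, if any
    first: datetime      # INITIAL_UPDATE
    last: datetime       # LAST_UPDATE
    count: int           # identical repeats iLO folded into this one entry
    description: str


def classify(description):
    """Return (kind, user) for one DESCRIPTION string."""
    for kind, pattern in SECURITY_PATTERNS:
        match = pattern.search(description)
        if match:
            return kind, match.groupdict().get("user")
    return "other", None


def parse_events(stream):
    """Parse every <EVENT> in a RIBCL response stream into Event objects."""
    events = []
    # Split on the declarations so each <RIBCL> root parses on its own.
    for doc in (d.strip() for d in re.split(r"<\?xml[^>]*\?>", stream)):
        if not doc:
            continue
        for ev in ET.fromstring(doc).iter("EVENT"):
            kind, user = classify(ev.get("DESCRIPTION", ""))
            events.append(Event(ev.get("SEVERITY", ""), kind, user,
                                datetime.strptime(ev.get("INITIAL_UPDATE"), TIME_FMT),
                                datetime.strptime(ev.get("LAST_UPDATE"), TIME_FMT),
                                int(ev.get("COUNT", "1")), ev.get("DESCRIPTION", "")))
    return events


def security_events(events, start=None, end=None, user=None):
    """Security entries whose lifetime overlaps [start, end], optionally for one user."""
    keep = []
    for ev in events:
        if ev.kind == "other" or (start and ev.last < start) or (end and ev.first > end):
            continue
        if user is not None and (ev.user or "").lower() != user.lower():
            continue
        keep.append(ev)
    return keep


def failed_login_attempts(events):
    """Total failed logins, summing COUNT so a burst shows its real size."""
    return sum(ev.count for ev in events if ev.kind == "login_failure")


if __name__ == "__main__":
    evs = parse_events(SAMPLE_RESPONSE)
    for ev in security_events(evs):
        print(f"{ev.last:%Y-%m-%d %H:%M} {ev.kind:16} {ev.user or '-':14} x{ev.count} {ev.description}")
    print("failed logins:", failed_login_attempts(evs))
```

An entry carries a COUNT and two timestamps rather than one line per occurrence, so a burst of failed logins can hide behind a single "Caution" line; summing COUNT, as failed_login_attempts does, gives the real number. Filtering by user is what ties a configuration change back to the account that made it, which is the question an auditor usually asks first.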
General security recommendations
For more complete information about iLO security, consult the HP Integrated Lights-Out User Guide, the HP Integrated Lights-Out 2 User Guide, and the Planning and configuration recommendations for Integrated Lights-Out processors. These documents are available at the following HP web sites, respectively:
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00209014/c00209014.pdf
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00553302/c00553302.pdf
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00257375/c00257375.pdf
HP recommends that customers observe the following security practices, stated here in abbreviated
form:
• Use a separate management network. For security and performance reasons, HP recommends that customers establish a private management network separate from their data network and that only administrators be given access to that management network.
• Do not connect iLO directly to the Internet. The iLO processor is designed as a management and administration tool, not as an Internet gateway. Remote administrators typically reach it through a corporate VPN, which also provides firewall protection.
• If using local accounts, change passwords frequently. The default iLO password should be changed immediately to a strong password. Administrators should change the iLO management passwords with the same frequency and according to the same guidelines as the server administrative passwords. Passwords should include at least three of these four characteristics: numeric character, special character, lowercase character, and uppercase character.
• Implement directory services. This allows authentication and authorization using the same login process employed throughout the rest of the network and provides a way to control multiple iLO devices simultaneously. Directories provide role-based access to iLO, with specific roles and privileges that can be conditioned on time and location.
• Implement two-factor authentication. This provides additional security, especially when connections can be made remotely or from outside the local network.
• Restrict access to the remote console port. A user with supervisor rights can restrict access to the remote console port and can turn on encryption. When the remote console is enabled, HP recommends turning on remote console encryption; for customers who do not require the remote console feature, HP recommends disabling the remote console port.
• Protect SNMP traffic. Administrators should reset the community strings according to the same guidelines as the administrative passwords, and should configure firewalls or routers to accept SNMP traffic only for specific source and destination addresses. If SNMP is not needed, administrators can disable it at the host and can also disable the iLO SNMP pass-through.
Conclusion
The design of the iLO processor allows customers to deploy their ProLiant servers without worry that
the management processor will allow non-secure actions. The iLO processor uses strong
authentication, highly configurable user privileges with strong authorization processes, and encryption