Go to main content

Oracle® ILOM Security Guide For Firmware Releases 3.x and 4.x

Exit Print View

Updated: May 2019
 
 

Security Checklist for Server Deployment

To determine which Oracle ILOM security practices might be best when planning the deployment of a new server, system administrators should consult the list of security tasks recommended in the following Figure 1, Table 1, Checklist - Configuring Oracle ILOM Security at Server Deployment .

Table 1  Checklist - Configuring Oracle ILOM Security at Server Deployment
Security Task
Applicable Firmware Version(s)
For details, see:
Establish a secure dedicated management connection to Oracle ILOM.
All firmware versions
Decide whether FIPS 140-2 security compliance is required at or after deployment; or, not at all.
Firmware versions 3.2.4 and later
Set Password Policy for All Local User Accounts
Frimware version 3.2.5 and later
Modify the default password provided for the preconfigured Administrator root account.
All firmware versions
Decide whether the preconfigured Oracle ILOM services and their open network ports are applicable for your target environment.
All firmware versions
Configure user access to Oracle ILOM.
All firmware versions
Decide whether access to the host operating system should be locked upon exiting a remote KVMS session.
Firmware versions 3.0.4 and later
Decide whether to limit other SP users from viewing remote KVMS sessions launched from the SP.
Firmware versions 3.2.4 and later
Decide whether to display a security banner message at user login or immediately following user login.
Firmware versions 3.0.8 and later
Ensure that the proper security properties are set for all Oracle ILOM user interfaces.
All firmware versions
For ASR Client configurations, choose to keep the preinstalled SSL Certificate or upload a user-specified SSL Certificate.
Firmware versions 4.0.x and later.
Ensure that the servicetagprotocol is properly configured to use HTTPS and a passphrase.
Firmware versions 4.0.x and later.