Install Oracle SuperCluster M8 and SuperCluster M7 systems and related equipment in a locked, restricted-access room.
Lock the rack doors unless service is required on components within the rack. Doing so restricts access to hot-pluggable or hot-swappable devices, and to USB ports, network ports, and system consoles.
Store spare FRUs (field-replaceable units) or CRUs (customer-replaceable units) in a locked cabinet. Restrict access to the locked cabinet to authorized personnel.
Periodically verify the status and integrity of the locks on the rack and the spares cabinet to guard against, or detect, tampering or doors being accidentally left unlocked.
Store cabinet keys in a secure location with limited access.
Restrict access to USB consoles. Devices such as system controllers, PDUs (power distribution units), and network switches can have USB connections. Restricting physical access is a more secure method of accessing a component, because it is not susceptible to network-based attacks.