Go to main content

Oracle^® ILOM Security Guide For Firmware Releases 3.x and 4.x

Exit Print View

» ...Documentation Home » Oracle Integrated Lights Out Manager (ILOM) ... » Oracle^® ILOM Security Guide For ... » Oracle ILOM Deployment Practices for ... » Configuring Oracle ILOM Interfaces for ... » Configure the Web Interface for Increased Security » Set a Timeout Interval for Inactive Web Sessions

Updated: December 2019

Oracle^® ILOM Security Guide For Firmware Releases 3.x and 4.x

Document Information

Using This Documentation

Security Features Per Oracle ILOM Firmware Release

Checklists for Keeping Oracle ILOM Secure

Oracle ILOM Deployment Practices for Increasing Security

Securing the Physical Management Connection

Choosing Whether to Configure FIPS Mode At Deployment

Enable FIPS Mode at Deployment

Unupported Features When FIPS Mode Is Enabled

Securing Services and Open Network Ports

Preconfigured Services and Network Ports

Management of Unwanted Services and Open Ports

Configuring Services and Network Ports

Securing Oracle ILOM User Access

Avoid the Creation of Shared User Accounts

Assignment of Role-Based Privileges

Security Guidelines for Managing User Accounts and Passwords

Remote Authentication Services and Security Profiles

Configuring User Access for Increased Security

Securing the Automatic Service Request (ASR) Endpoint Connection

Uploading an SSL Certificate for ASR Client Configurations

Configuring Oracle ILOM Interfaces for Increased Security

Configure the Web Interface for Increased Security

Improve Security by Using a Trusted SSL Certificate and Private Key

Enable the Strongest TLS Encryption Properties

Set a Timeout Interval for Inactive Web Sessions

Configure the CLI for Increased Security

Management of SSH Server State and Weak Ciphers

Set a Timeout Interval for Inactive CLI Sessions

Use Server Side Keys to Encrypt SSH Connections

Append SSH Keys to User Accounts for Automated CLI Authentication

Configure SNMP Management Access for Increased Security

Use SNMPv3 Encryption and User Authentication

Sun SNMP MIBs Supporting Configurable Objects

Configure IPMI Management Access for Increased Security

Use IPMI TLS Service for Enhanced Authentication and Packet Encryption

Oracle ILOM IPMI Security Guidelines

IPMI 2.0 Authentication Cypher Suite Support

Configure WS-Management Access for Increased Security

Oracle ILOM Post Deployment Practices for Increasing Security

Language:

Set a Timeout Interval for Inactive Web Sessions

The Oracle ILOM web session timeout intervals provide security for web access users who forget to log out. The web session time-out intervals determine how many minutes can lapse until an inactive HTTP or HTTPS web session is automatically logged out. This feature reduces the risk of an unauthorized user finding an unattended computer with an established authenticated web session to Oracle ILOM.

To view or modify the web session time-out intervals set for HTTP and HTTPS sessions, see the following web-based instructions.

Before You Begin

The default web session time-out interval set for HTTP and HTTPS connections is 15 minutes.

Note - Lowering the session time-out might cause users to have to re-enter his or her user name and password more often, as sessions expire. However, lowering the session time-out will shorten the amount of time during which unattended authenticated web sessions remain active.
Admin (a) role is required to modify the web server properties
The HTTP and HTTPS session time-out interval properties are only configurable in Oracle ILOM for server SPs running firmware release 3.0.4 or later.

Navigate to the Web Server page.
For instance, in the:
- 3.0.x web interface, click Configuration -> System Management Access -> Web Server.
- 3.1 and later web interface, click ILOM Administration -> Management Access -> Web Server.

In the Web Server page, perform the following:
1. Navigate to the HTTP or HTTP Session Timeout property.
2. Enter a number between 1-720 minutes to specify how many minutes can lapse until an inactive web session is automatically logged out.
3. Click Save to apply the changes.

Related Information

Web Server Configuration Properties in Oracle ILOM Administrator’s Guide for Configuration and Maintenance Firmware Release 4.0.x

Copyright © 2012, 2019, Oracle and/or its affiliates. All rights reserved.