Network Management Service Deployment Options

Language:

Oracle ILOM supports the configuration of several network management services. Some of these services are enabled by default, while others require configuration. To better understand which management services arrive enabled, and which management services are actually required for your network environment, see the following table.

Note - You should only enable the management services that are required for your network management environment.

Table 34 Management Access Deployment Options and Default Settings

Management Access	Management Service	Defaults	Description
Web browser client	Web Server	HTTPS over port 443 enabled TLS v1.2 enabled TLS v1.1 disabled by default. SSL certificate & self-signing keys Client timeout session, 15 minutes FIPS compliance mode disabled	The Web Server management service in Oracle ILOM, by default, enables a secure communication channel between a web browser client and the Oracle ILOM SP or CMM. Network administrators can accept the default web server properties provided in Oracle ILOM or choose to modify them as needed. Related Information: Operating Oracle ILOM in FIPS Compliance Mode Use of Web Server Certificates and SSH Server-Side Keys Figure 38, Table 38, Web Server Configuration Properties
Command-line SSH client	Secure Shell (SSH) Server	Port 22 enabled Generated SSH keys Client timeout session, unlimited FIPS compliance mode disabled	The SSH Server service in Oracle ILOM uses server-side keys to encrypt the management channel between an SSH command-line client and an Oracle ILOM SP or CMM. Oracle ILOM automatically generates the server-side SSH keys on the first boot of a factory default system. Related Information: Figure 41, Table 41, SSH Server Configuration Properties Operating Oracle ILOM in FIPS Compliance Mode Use of Web Server Certificates and SSH Server-Side Keys
SNMP application client	Simple Network Management Protocol (SNMP)	SNMPv3 over port 161, enabled SNMP sets disabled User account configuration required FIPS compliance mode disabled	The SNMP management service in Oracle ILOM offers a secure protocol management solution for monitoring and managing Oracle servers. All SNMP monitoring and management functionality is accessible from an SNMP application, such as Net-SNMP. Prior to using the SNMP management service in Oracle ILOM, one or more Oracle ILOM user accounts must be created. Additionally, prior to using SNMP sets, the SNMP sets property must be enabled. Oracle ILOM is shipped with SNMPv3 enabled, although administrators can optionally choose to enable the properties for SNMPv1 or SNMPv2c. Related Information: Figure 40, Table 40, SNMP Configuration Properties Operating Oracle ILOM in FIPS Compliance Mode Configuring SNMP Settings in Oracle ILOM in Oracle ILOM Protocol Management Reference SNMP and IPMI Firmware Release 4.0.x Alert Notification Configuration Properties
IPMItoolclient	IPMI	IPMPv2 over port 623, enabled IPMI Service state enabled IPMI 1.5 disabled by default (as of 3.2.4)	The IPMI management service in Oracle ILOM offers a secure protocol solution for monitoring and managing Oracle servers. IPMI monitoring and management functionality is accessible from the Oracle ILOM CLI using the IPMItool utility. IPMI configurable properties in Oracle ILOM include the IPMI management service state and the required user roles (Administrator or Operator) for performing IPMI management functions from the Oracle ILOM CLI. Note - As of firmware 3.2.4, a configurable property for enabling and disabling IPMI 1.5 is provided. This property is removed from the user interfaces when FIPS mode is enabled. Related Information: Figure 42, Table 42, IPMI Service Configuration Properties Operating Oracle ILOM in FIPS Compliance Mode Assignable Oracle ILOM User Roles Server Management Using IPMI in Oracle ILOM Protocol Management Reference SNMP and IPMI Firmware Release 4.0.x Alert Notification Configuration Properties