Security Checklist for Server Deployment
To determine which Oracle ILOM security practices might be best when planning the deployment of a new server, system administrators should consult the list of security tasks recommended in the following Table 3-1.
Table 3-1 Checklist - Configuring Oracle ILOM Security at Server Deployment
| ✓ | Security Task | Applicable Firmware Version(s) | For details, see: |
|---|---|---|---|
|
Establish a secure dedicated management connection to Oracle ILOM. |
All firmware versions |
||
|
Decide whether FIPS 140-2 security compliance is required at or after deployment; or, not at all. |
Firmware versions 3.2.4 and later |
||
|
Set Password Policy for All Local User Accounts |
Firmware version 3.2.5 and later |
||
|
Modify the default password provided for the preconfigured Administrator |
All firmware versions |
||
|
Decide whether the preconfigured Oracle ILOM services and their open network ports are applicable for your target environment. |
All firmware versions |
||
|
Configure user access to Oracle ILOM. |
All firmware versions |
||
|
Decide whether access to the host operating system should be locked upon exiting a remote KVMS session. |
Firmware versions 3.0.4 and later |
||
|
Decide whether to limit other SP users from viewing remote KVMS sessions launched from the SP. |
Firmware versions 3.2.4 and later |
||
|
Decide whether to display a security banner message at user login or immediately following user login. |
Firmware versions 3.0.8 and later |
||
|
Ensure that the proper security properties are set for all Oracle ILOM user interfaces. |
All firmware versions |
||
|
For ASR Client configurations, choose to keep the preinstalled SSL Certificate or upload a user-specified SSL Certificate. |
Firmware versions 4.0.x and later. |
||
|
Ensure that the |
Firmware versions 4.0.x and later. |