Security Checklist for Post Server Deployment

To determine which Oracle ILOM security practices are best to maintain on existing servers in your environment, system administrators should consult the list of security tasks recommended in the following Table 3-2.

Table 3-2 Checklist - Maintaining Oracle ILOM Security After Server Deployment

✓	Security Task	Applicable Firmware Version(s)	For details, see:
_	Maintain a secure management connection to Oracle ILOM	All firmware versions	Avoid Unauthenticated Host KCS Device Access Preferred Authenticated Host Interconnect Access Configure IPMI Management Access for Increased Security
_	Ensure that remote KVMS and serial text-based sessions are securely launched from Oracle ILOM.	All firmware versions	KVMS Remote Communication and Encryption Protect Against Remote KVMS Shared Access Protect Against Host Serial Console Shared Access
_	Maintain and track user access to Oracle ILOM.	All firmware versions	Post Deployment Considerations for Securing User Access
_	Security actions required for resetting a lost password for the preconfigured Admin root account.	Firmware versions 3.1 and later	Physical Security Presence for Resetting root Account Default Password
_	Security actions required if the FIPS 140-2 compliance mode must be modified in Oracle ILOM after server deployment.	Firmware version 3.2.4 and later	Modify FIPS Mode Post Deployment Unsupported Features When FIPS Mode Is Enabled
_	Ensure your software and firmware are current on the server.	All firmware releases	Updating to the Latest Software and Firmware