HP Xw460c HP Integrated Lights-Out 2 User Guide for Firmware 1.75 and 1.77 - Page 42
General security guidelines, Password guidelines, Securing RBSU
View all HP Xw460c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 42 highlights
• Encrypted communication using: o SSH key administration o SSL certificate administration • Support for optional LDAP-based directory services Some of these options are licensed features. To verify your available options, see the section, "Licensing (on page 26)." General security guidelines The following are general guidelines concerning security for iLO 2: • For maximum security, iLO 2 should be set up on a separate management network. • iLO 2 should not be connected directly to the Internet. • A 128-bit cipher strength browser must be used. Password guidelines The following is a list of recommended password guidelines. Passwords should: • Never be written down or recorded • Never be shared with others • Not be words generally found in a dictionary, or easy to guess words, such as the company name, product names, the user's name, or the user's User ID • Include at least three of the four following characteristics: o At least one numeric character o At least one special character o At least one lowercase character o At least one uppercase character Passwords issued for a temporary user ID, password reset, or a locked-out user ID should also conform to these standards. Each password must be a minimum length of zero characters and a maximum length of 39 characters. The default minimum length is set to eight characters. Setting the minimum password length to fewer than eight characters is not recommended unless you have a physically secure management network that does not extend outside the secure data center. Securing RBSU iLO 2 RBSU enables you to view and modify the iLO 2 configuration. RBSU access settings can be configured using RBSU, a web browser (Access options (on page 39)), RIBCL scripts, or the iLO 2 Security Override Switch. RBSU has three levels of security: • RBSU Login Not Required (default) Anyone with access to the host during POST can enter the iLO 2 RBSU to view and modify configuration settings. This is an acceptable setting if host access is controlled. • RBSU Login Required (more secure) If RBSU login is required, then the active configuration menus are controlled by the authenticated user's access rights. Configuring iLO 2 42