Oracle ILOM Security
Whether you establish a physical management connection to Oracle ILOM through the
local serial port, dedicated network management port, or the standard data network port, it
is essential that this physical port on the server is always connected to an internal trusted
network, or a dedicated secure management or private network.
Never connect the Oracle ILOM service processor (SP) to a public network, such as
the Internet. You should keep the Oracle ILOM SP management traffic on a separate
management network and grant access only to system administrators.
■
Limit the use of the default Administrator account.
Limit the use of the default Administrator account (root) to the initial Oracle ILOM
login. This default Administrator account is provided only to aid with the initial server
installation. Therefore, to ensure the most secure environment, you must change the default
Administrator password (changeme) as part of the initial setup of the system. Gaining
access to the default Administrator account gives a user unrestricted access to all features of
Oracle ILOM. In addition, establish new user accounts with unique passwords and assign
authorization levels (user roles) for each new Oracle ILOM user.
■
Carefully consider risks when connecting the serial port to a terminal server.
Terminal devices do not always provide the appropriate levels of user authentication or
authorization that are required to secure the network from malicious intrusions. To protect
your system from unwanted network intrusions, do not establish a serial connection (serial
port) to Oracle ILOM through any type of network redirection device, such as a terminal
server, unless the server has sufficient access controls.
In addition, certain Oracle ILOM functions, such as password reset and the Preboot menu,
are only made available using the physical serial port. Connecting the serial port to a
network using an unauthenticated terminal server removes the need for physical access, and
lowers the security associated with these functions.
■
Access to the Preboot menu requires physical access to the server.
The Oracle ILOM Preboot menu is a powerful utility that provides a way to reset
Oracle ILOM to default values, and to flash firmware if Oracle ILOM were to become
unresponsive. Once Oracle ILOM has been reset, a user is then required to either press a
button on the server (the default) or type a password. The Oracle ILOM Physical Presence
property controls this behavior (check_physical_presence= true). For maximum security
when accessing the Preboot menu, do not change the default setting (true), so that access to
the Preboot menu always requires physical access to the server.
■
Refer to the Oracle ILOM documentation.
Refer to Oracle ILOM documentation to learn more about setting up passwords, managing
users, and applying security-related features. For security guidelines that are specific to
Oracle ILOM, refer to the Oracle ILOM Security Guide, which is part of the Oracle ILOM
documentation library. You can find the Oracle ILOM documentation at:
http://www.oracle.com/goto/ILOM/docs
Using Server Configuration and Management Tools Securely 13
To Next Page
Loading...
Need help?
General
