Configuring Network-Related Settings

Network Security Configuration

Network Security Configuration

Network Security

The CIMC uses IP blocking as network security. IP blocking prevents the connection between a server or website and certain IP addresses or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website, mail server, or other Internet servers.

IP banning is commonly used to protect against denial of service (DoS) attacks. CIMC bans IP addresses by setting up an IP blocking fail count.

Configuring Network Security

Configure network security if you want to set up an IP blocking fail count.

Before You Begin

You must log in as a user with admin privileges to configure network security.

Procedure

 

Command or Action

Purpose

Step 1

Server# scope cimc

Enters the CIMC command mode.

Step 2

Server /cimc # scope network

Enters the CIMC network command mode.

Step 3

Server /cimc/network # scope

Enters the IP blocking command mode.

 

ipblocking

 

Step 4

Server /cimc/network/ipblocking #

Enables or disables IP blocking.

 

set enabled {yes no}

 

Step 5

Server /cimc/network/ipblocking #

Sets the number of times a user can attempt to log in

 

set fail-count fail-count

unsuccessfully before the system locks that user out for

 

 

a specified length of time.

 

 

The number of unsuccessful login attempts must occur

 

 

within the time frame specified in the IP Blocking Fail

 

 

Window field.

 

 

Enter an integer between 3 and 10.

Step 6

Server /cimc/network/ipblocking #

Sets the length of time, in seconds, in which the

 

set fail-window fail-seconds

unsuccessful login attempts must occur in order for the

 

 

user to be locked out.

 

 

Enter an integer between 60 and 120.

Step 7

Server /cimc/network/ipblocking #

Sets the number of seconds the user remains locked out

 

set penalty-time penalty-seconds

if they exceed the maximum number of login attempts

 

 

within the specified time window.

 

Cisco UCS C-Series Servers Integrated Management Controller CLI Configuration Guide, Release 1.5

80

OL-28893-01

Page 96
Image 96
Cisco Systems UCSCPCIEBTG, 57712 manual Network Security Configuration, Configuring Network Security