RILOE II security

In this section

 

General security guidelines

62

Two-factor authentication

63

Introduction to certificate services

66

Securing RBSU

69

General security guidelines

 

The following are general guidelines concerning security for RILOE II:

 

For maximum security, RILOE II should be set up on a separate management network.

RILOE II should not be connected directly to the Internet.

A 128-bit cipher strength browser must be used.

Password guidelines

The following is a list of recommended password guidelines:

Never write down or recorded passwords.

Never share passwords with others.

Passwords generally should not be words that are in a dictionary or are easy to guess, such as company names, product names, user names, or a user's user ID.

Passwords should include at least three of the following characteristics:

At least one numeric character

At least one special character

At least one lowercase character

At least one uppercase character

Passwords issued for a temporary user ID, a password reset, or a locked-out user ID should also conform to these standards. Each password must be a minimum length of zero characters and a maximum length of 40 characters. The default minimum length is set to eight characters. HP recommends that you do not set the minimum password length to fewer than eight characters is not recommended unless you have a physically secure management network that does not extend outside the secure data center.

Encryption

RILOE II provides strong security for remote management in distributed IT environments by using 128-bit SSL encryption of HTTP data transmitted across the network. SSL encryption ensures that the HTTP information is secure as it travels across the network.

Remote Console data is protected using 128-bit RC4 bidirectional encryption.

RILOE II security 62

Page 62
Image 62
HP 232664-006 manual Riloe II security, General security guidelines, Password guidelines, Encryption