HP 232664-006 RILOE II security, General security guidelines

RILOE II security

•For maximum security, RILOE II should be set up on a separate management network.

•RILOE II should not be connected directly to the Internet.

•A 128-bit cipher strength browser must be used.

Password guidelines

The following is a list of recommended password guidelines:

•Never write down or recorded passwords.

•Never share passwords with others.

•Passwords generally should not be words that are in a dictionary or are easy to guess, such as company names, product names, user names, or a user's user ID.

•Passwords should include at least three of the following characteristics:

•At least one numeric character

•At least one special character

•At least one lowercase character

•At least one uppercase character

Passwords issued for a temporary user ID, a password reset, or a locked-out user ID should also conform to these standards. Each password must be a minimum length of zero characters and a maximum length of 40 characters. The default minimum length is set to eight characters. HP recommends that you do not set the minimum password length to fewer than eight characters is not recommended unless you have a physically secure management network that does not extend outside the secure data center.

Encryption

RILOE II provides strong security for remote management in distributed IT environments by using 128-bit SSL encryption of HTTP data transmitted across the network. SSL encryption ensures that the HTTP information is secure as it travels across the network.

Remote Console data is protected using 128-bit RC4 bidirectional encryption.

RILOE II security 62