Setting Up Security

For greater security and reliability, HP recommends that iLO 2 MP management traffic be on a separate dedicated management network and that only administrators be granted access to that network. This not only improves performance by reducing traffic load across the main network, it also acts as the first line of defense against security attacks. A separate network enables you to physically control which workstations are connected to the network.

Setting Security Access

Determine the security access required and what user accounts and privileges are needed. The iLO 2 MP provides options to control user access. Select one of the following options to prevent unauthorized access to the iLO 2 MP:

Change the default user name and password. See “Modifying User Accounts and Default Passwords” (page 46).

CAUTION: When DHCP is enabled, the system is vulnerable to security risks because anyone can access the iLO 2 MP until you change the default user name and password.

HP strongly recommends you assign user groups and rights before proceeding.

Create local accounts. You can store up to 19 user names and passwords to manage iLO 2 MP access. This is ideal for small environments such as labs and small-to-medium sized businesses.

Use corporate directory services to manage iLO 2 MP user access. This is ideal for environments with a large number of frequently changing users. If you plan to use directory services, HP recommends leaving at least one local account enabled as an alternate method of access.

For more information on how to create local accounts and use directory services, see Chapter 7: “Installing and Configuring Directory Services ” (page 147).

Additional Setup

47

Page 47
Image 47
HP Integrity iLO 2 MP 5991-6005 manual Setting Up Security, Setting Security Access, Additional Setup