How to install and configure iDRAC Service Module?

Where is the link to the download for iDRAC Service Module?

Is there a non microsoft OS version? :)

Where is the link to the download for iDRAC Service Module? Is there a non microsoft OS version? :)

The installation guide directs you to get it from support.dell.com. Currently, it'll take you to

http://www.dell.com/support/home/us/en/04/Drivers/DriversDetails?driverId=532W5

If you are running RHEL or SLES, you can also get it from the OMSA YUM repository: http://linux.dell.com/repo/hardware/

There's a community-supported build for Ubuntu at: http://linux.dell.com/repo/community/ubuntu/

Here is the Link to download iDRAC Service Module 

The link to download Dell iDRAC Service Module: http://www.dell.com/support/drivers/us/en/19/DriverDetails?driverId=532W5

Dell iDRAC Service Module (VIB) for ESXi 5.5: http://www.dell.com/support/drivers/us/en/19/DriverDetails?driverId=NT003

Dell iDRAC Service Module (VIB) for ESXi 5.1: http://www.dell.com/support/drivers/us/en/19/DriverDetails?driverId=JD54D

Dell iDRAC Service Module for XenServer 6.2: http://www.dell.com/support/drivers/us/en/19/DriverDetails?driverId=6JY8J

Other than Microsoft Windows, Dell iDRAC Service Module can be installed on the following Linux OSes:

a)      Red Hat Enterprise Linux 5.9

b)      Red Hat Enterprise Linux 6.4

c)       Red Hat Enterprise Linux 6.5

d)      SUSE Linux Enterprise Server 11 SP3

The Dell iDRAC Service Module can also be installed on:

a)      VMware ESXi 5.1 U1

b)      VMware ESXi 5.1 U2

c)       VMware ESXi 5.5

d)      Citrix XenServer 6.2

Thank you Deepti :)

Hi,

After you have installed iDRAC Service Module on your ESXi host, you can configure it using the iDRAC GUI.

Here is a Video which might help you : http://www.youtube.com/watch?v=-U1rBVStbpo&feature=youtu.be

Here are the links to the manuals of iSM 1.0 for your reference:

http://www.dell.com/support/home/us/en/19/product-support/product/dell-idrac-service-module-1.0/manuals

Hope this helps

Thanks

I have tested version 2.1.0 on RHEL6. It has created a network device named 'idrac' that allowed ssh connections to the iDRAC service processor from the host system, circumventing the network security gained from putting the service processor on a separate network. Is there a way to prevent this?

The network between iDRAC Service Processor and Host operating system is secured. Any device from host network or iDRAC network can not access this network device externally

That's true, but user processes on the host can now access the network to the iDRAC. That's a security issue.

You really need to take a hard look at iDrac/host separation. Start with the assumption that the host is compromised and how that affects what can be done to the iDrac network.

Then do some hard thinking about what firmwares a compromised host can change (including disks).

Suggestions:

- Updating iDrac from host should be disabled physically.

- Switches: Make is possible to do private vlans where a port can be configured to make a tagged vlan the isolated one. This way we can put the idrac on a vlan and still share the ports. The idrac will be in a PVLAN where it only can talk to the management servers.

- Consider: If the host is compromised, is the only sane thing to do to bin the server? Is there a backdoor in a firmware?

@E5-2660,

I think the iSM can only function with the 0S-BMC pass through enabled. If you want to disable the os-bmc passthrough and not use iSM you can run "racadm set idrac.OS-BMC.adminstate disabled" or since it is USB, disable all USB from the OS.

Is there documentation on how this is network traffic passthrough to the idrac is implemented? I think I remember something about the LOM somehow filtering out the idrac traffic?

Is it available for Centos 7? What about xcp-ng 8.2?