iDRAC10 Security Configuration Guide

PDF

Default Configuration Values

The table below includes the security configurations that are described in this document and the default values.

Table 1. Default Configuration ValuesThe following table describes the default configuration values:
Configuration Default Values
iDRAC.Webserver.HttpsRedirection 1 - Enabled
iDRAC.Webserver.TLSProtocol 1 -TLS 1.3 and higher
iDRAC.Webserver.SSLEncryptionBitLength 1- 128-Bit or higher
iDRAC.Webserver.CustomCipherString None
TLS/ SSL Certificates Self-signed certificate
iDRAC.Security.FIPSMode 0 - Disabled
iDRAC.Users.2.SSHPublicKey1 None
iDRAC.SSHCrypto.KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384,ecdh-sha2-nistp521
iDRAC.SSHCrypto.Ciphers chacha20-poly1305@openssh.com,aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com
iDRAC.NIC.Selection 1 - Dedicated
iDRAC.NIC.VlanEnable 0 – Disabled
iDRAC.USB.PortStatus 1 – Enabled
iDRAC.autodiscovery.EnableIPChangeAnnounce 1 – Enabled
iDRAC.IPMILan.Enable 0 – Disabled
iDAC.IPMISOL.Enable 1 – Enabled
iDRAC.SNMP.AgentEnable 0 – Disabled
iDRAC.NTPConfigGroupEnable.NTPEnable 0 – Disabled
iDRAC.GUI.SecurityPolicyMessage By accessing this system, you confirm that such access complies with your organization's security policy.
iDRAC.VirtualConsole.Enable 1 – Enabled
iDRAC.VirtualConsole.EncryptEnable 1 – Enabled
iDRAC.VirtualConsole.WebRedirect 0 – Disabled
iDRAC.VNCServer.SSLEncryptionBitLength 1 – Auto Negotiate
iDRAC.VNCServer.Enable 0 – Disabled
iDRAC.VNCServer.Timeout 300
iDRAC.Users.2.IpmiLanPrivilege 15 – No Access
iDRAC.Users.2.ProtocolEnable. If SNMPv3 is needed set Authentication Type to SHA and Privacy Type to AES. 0 – Disabled
iDRAC.Users.2.AuthenticationProtocol 2 – SHA
iDRAC.Users.2.PrivacyProtocol 2 – AES
iDRAC.Users.2.Simple2FA 0 – Disabled
iDRAC.Security.MinimumPasswordScore 1 – Weak Protection
iDRAC.Security.PasswordRequireNumbers 0 – Disabled
iDRAC.Security.PasswordMinimumLength 0
iDRAC.Security.PasswordRequireSymbols 0 – Disabled
iDRAC.Security.PasswordRequireUpperCase 0 – Disabled
iDRAC.SecureDefaultPassword.ForceChangePassword 0 – False
iDRAC.ActiveDirectory.Enable 0 – Disabled
iDRAC.LDAP.Enable 0 – Disabled
iDRAC.Lockdown.SystemLockdown 0 – Disabled
BIOS.Syssecurity.PasswordStatus Unlocked
BIOS.Syssecurity.PwrButton Enabled
BIOS.Syssecurity.UefiVariableAccess Standard
BIOS.Syssecurity.SecureBoot Disabled
BIOS.Syssecurity.SecureBootPolicy Standard
BIOS.Syssecurity.SecureBootMode DeployedMode
LifeCycleController.LCAttributes.UserProxyPort 80
LifeCycleController.LCAttributes.UserProxyType HTTP
LifeCycleController.LCAttributes.IgnoreCertWarning 1 – On

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\