- Notes, cautions, and warnings
- Overview
- Built in iDRAC and PowerEdge Security
- Securely Configuring iDRAC Web Server
- Securely Using TLS/SSL Certificate
- Federal Information Processing Standards (FIPS)
- Secure Shell (SSH)
- Network Security Configuration
- Interfaces and Protocols to Access iDRAC
- iDRAC Port Configuration
- IPMI and SNMP Security Best Practices
- Secure Enterprise Key Manager (SEKM) Security
- iDRAC9 Group Manager
- Virtual Console and Virtual Media Security
- VNC Security
- User Configuration and Access Control
- Configuring Local Users
- Disabling Access to Modify iDRAC Configuration Settings on Host System
- iDRAC User Roles and Privileges
- Superroot User
- Recommended Characters in Usernames and Passwords
- Password Strength Policy
- Secure Default Password
- Changing the Default Login Password using Web Interface
- Force Change of Password (FCP)
- Simple 2-Factor Authentication (Simple 2FA)
- RSA SecurID Two Factor Authentication (2FA) iDRAC9 Datacenter
- Active Directory
- LDAP
- Customizable Security Banner
- System Lockdown Mode
- Securely Configuring BIOS System Security
- Secure Boot Configuration
- Securely Erasing Data
- LCD Panel
- Server Inventory, Lifecycle Log, Server Profiles, and Licenses Import and Export
- Security Events Lifecycle Log
- Default Configuration Values
- Network Vulnerability Scanning
- Security Licensing
- Field Service Debug (FSD)
- Best Practices
- Appendix - White papers
Bienvenue
Bienvenue dans l’univers Dell
Mon compte
- Passer des commandes rapidement et facilement
- Afficher les commandes et suivre l’état de votre expédition
- Profitez de récompenses et de remises réservées aux membres
- Créez et accédez à une liste de vos produits
- Gérer vos sites, vos produits et vos contacts au niveau des produits Dell EMC à l’aide de la rubrique Gestion des informations de l’entreprise.
iDRAC9 Security Configuration Guide
Server Inventory, Lifecycle Log, Server Profiles, and Licenses Import and Export
iDRAC9 with Lifecycle Controller firmware enables multiple protocols to perform export of server inventory, export of the Lifecycle Controller log, import and export of server profiles, and import of iDRAC with Lifecycle Controller licenses. These interfaces expand the options for network file share support with the Lifecycle Controller UI to include CIFS, NFS, HTTP, and HTTPS simplifying Lifecycle Controller UI operations. The recommended secure protocol for exports and imports of logs, profiles, and licenses is HTTPS.
To communicate using HTTPS, there is an existing iDRAC facility to upload and store certificates for various uses which have been expanded in iDRAC9 to allow the upload of the HTTPS server certificate. With the Apache server, for example, this is often the ca.crt file that is found in /etc/pki/tls/certs. This allows the uploaded certificate to be compared with the HTTPS server certificate at the time of a data transfer to validate the identity of the server.
NOTE:This is not the certificate that is used with the iDRAC GUI or WS-Man for in-bound HTTPS connections to the iDRAC. It is the one used for iDRAC outbound connections from the iDRAC to an external HTTPS server. For example, using a web browser to connect to the iDRAC over HTTPS uses one certificate. When the iDRAC fetches a firmware update package from an HTTPS server, it uses this other different certificate.
Server Profile can be Exported or Imported by navigating to .
- It is recommended to use HTTP/HTTPS shares using a proxy.
- When using HTTPS:
- Configure Expired or invalid certificate action to Show error.
- Upload a valid certificate for outbound connection
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez indiquer si l’article a été utile ou non.
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\