Продукти
Европейската програма Конкурентоспособност
Евперативна програма - Иновации и конкурентоспособност 2014-2020
Избор на изпълнител/и за надграждане на съществуваща ERP система с модули с нови функционалности
Европейски фонд за регионално развитие
Best Practices for managing servers with IPMI features enabled in Datacenters
Baseboard Management controllers (BMC) with IPMI is commonly used to manage servers. Most Supermicro server models support IPMI either through a dedicated management interface or through ...

19 Юли 2013 12:07

Baseboard Management controllers (BMC) with IPMI is commonly used to manage servers. Most Supermicro server models support IPMI either through a dedicated management interface or through a shared LAN. All X7 and later generation products have IPMI 2.0 enabled that provides security through encryption algorithms. BMC provides powerful remote debugging capabilities in the datacenters but at the same time if not configured properly, causes unwarranted access to BMCs from Internet or within the company and can compromise the security of your machines. Supermicro recommends the following steps that datacenters need to consider while using IPMI to manage your machines.

1. Network Configuration
a. Restrict inbound traffic over internet directly to BMCs. Logon to a secure management server in datacenter and manage all BMCs from the management server.
b. Reserve special IP address range (private subnets) to BMC management interfaces and management servers. Don’t use reserved IP subnets with LAN interfaces of the managed machines.
c. Configure the firewall to restrict outbound traffic from BMC including alerts within the reserved IP range.
d. Use dedicated management interfaces for managing BMCs. If dedicated management interfaces are absent and have to use shared LAN, then configure separate VLANs for

2. BMC Configuration
a. Customize service ports information on the BMC to your datacenter specifications. For example; you can configure http port to 57880 instead of 80.
b. Change the default password during installation and use strong passwords
c. Create user policies and roles on BMC
d. Use the IP Access Policy to enable access rules to BMC from management servers

3. Additional measures
a. Monitor for unusual traffic between BMC and other machines in the network
b. Pay attention to firmware release notes (especially related to security fixes) and plan upgrades of the firmware during maintenance cycles

For further questions, please contact service@persy.com


Количка
0 продукта

0 .00 USD
без ДДС

прегледай | поръчай
Свържете се с нас
0700 42030
 
Търговски отдел:
sales@persy.com

Сервизен отдел:


Intel Technology Provider Platinium

Intel Technology Provider HPC Data Centre Specialist

nVidia - Partner Force - TESLA Prefered Provider

Електронен бюлетин
Научавайте веднага за нови продукти, промоции и новини!


Перси ООД работи със система за управление на качеството ISO 9001:2008
Сертификат No. 90810529

Плащания
цените в лева се калкулират по курс продава на RBB в деня на плащане