Protecting Snmp Traffic; Using Ilo With Other Hp Management Tools; Integration With Hp Systems Insight Manager - HP AB500A - Integrated Lights-Out Advanced Configuration

iLO 2 Remote Console settings
• The Enabled setting turns-on the telnet port and disables encryption so that telnet access is
available.
• The Disabled setting turns-off the telnet port so that telnet access is not available.
• Regardless of this setting, the iLO remote console and integrated remote console are always
available in the encrypted mode.
For maximum security when the Remote Console is enabled, HP recommends that the administrator
turn on the Remote Console encryption.
For maximum security for customers who do not require the Remote Console feature, HP recommends
disabling the Remote Console port.
NOTE:
Because Telnet sessions connect to port 23, an administrator that has
disabled the Remote Console port or set the Remote Console port to auto-
enable will not have Telnet support. Telnet support is available only when
the Remote Console port is enabled and Remote Console encryption is
disabled.

Protecting SNMP traffic

Because SNMP uses passwords (known as community strings) that are sent across the network in clear
text, it is important to enhance the network security when using SNMP traffic. Here are two
suggestions:
Reset the community strings (read-write, read-only, and trap) with the same frequency and according
to the same guidelines as the administrative passwords. For example, select alphanumeric strings with
at least one uppercase letter, one numeral, and one symbol.
Set firewalls or routers to accept only specific source and destination addresses. For example, an
administrator can allow inbound SNMP traffic into the host server only if it comes from one of the
predetermined management workstations.

Using iLO with other HP management tools

Administrators have the ability to integrate iLO with other HP and non-HP management applications.
The management and reporting capabilities of ProLiant Onboard Administrator are available for
integration with iLO. The iLO device can be launched using HP SIM, which automatically enables
centralized monitoring and access to all activated iLO processors in the environment.

Integration with HP Systems Insight Manager

The Insight Management Suite and management agents are tightly integrated with iLO. Therefore,
administrators can view subsystem and status information from a web browser. HP Systems Insight
Manager (HP SIM) can identify an iLO processor and create an association between the iLO and its
host server. The administrator of the iLO device may configure it to respond to HP SIM identification
requests. HP SIM identifies the iLO as a management processor and displays its status within the
Systems List. The iLO management processor is displayed as an icon in the device list on the same
row as its host server. The color of the icon represents the status of the iLO. The device list provides
direct hyperlink access to each iLO device (see Figure 6), giving the administrator the benefit of
having a single location for accessing all iLO management devices (including Remote Insight Lights-
Out Edition II or RILOE II boards).
21