Security considerations overview
The iPDU implements strict security for two important reasons:
The iPDU manages devices that have the potential to perform operations that are sensitive and
The iPDU has browser accessibility.
To better ensure the security of the iPDU and the devices it manages, consider the following topics in
accordance with your organization's security policies and the environment in which the iPDU will operate.
Remote access to the iPDU requires a user account. Logging in requires the use of a user name and
password, which should be kept properly secured.
Each account can be given different access levels, providing different capabilities. Ensure that the
appropriate access level is granted to users.
The web interface is installed behind the firewall.
Browsing to the iPDU can be done using SSL, which encrypts the data between the browser and
iPDU. The iPDU is supported by a 128-bit encryption level. SSL also provides authentication of the
iPDU by means of its digital certificate. Securely importing this certificate must be done to ensure the
identification of the iPDU.
Use a custom SSL certificate that is certified by a third-party SSL authority.
When a browser logs in to the web interface, other browsers on the system also log in. Consider
limiting the time that a browser can be logged in to an account with administrative privileges.
Use non-standard ports for the iPDU web interface.
Disable telnet if remote configuration is not used.
Disable the web interface if the web interface is not preferred.
Installing a digital certificate and encryption key for
The SSL protocol provides for encryption, server and client authentication, and message authentication.
To create your own certificate and key for SSL:
Linux—Many Linux distributions come with pre-compiled OpenSSL packages.
Windows—A Windows version of OpenSSL can be found at the following website:
Instructions for creating a self-signed certificate using OpenSSL can be found at the following
Security considerations 78