A Security Profile consists of a set of parameters that can be configured in order to have more control over the services that are active at any time. There are three pre-defined security profiles with pre-set parameters. In addition, a Custom Security Profile is provided where an administrator can configure individual protocols and services.
1. Secure - The Secure profile disables all protocols except SSHv2 and HTTPS. SSH root access is not allowed.
2. Moderate (Default) - The Moderate profile is the recommended security level. This profile enables SSHv1, SSHv2, HTTP, HTTPS, and Telnet. In addition, ICMP and HTTP redirection to HTTPS are enabled.
3. Open - The Open profile enables all services such as Telnet, SSHv1, SSHv2, HTTP, HTTPS, SNMP, RPC, ICMP, and Telnet.The following table show the enabled protocols and services under each Security Profile.
•
• Moderate (Default)
•
•
•
•
• HTTP redirection to HTTPS
•
•
•
•
•
•
•
•
• The Custom Security Profile opens up a dialog box to allow custom configuration of individual protocols and services.Caution: By default a number of protocols and services are enabled in the Custom Security Profile, however, the protocols and services are user configurable for site specific requirements. Take the required precautions to understand the potential impacts of each individual service configured under Custom Security Profile.The following table show the available protocols and services under the Custom Security Profile.
•
•
• SSH port 22
•
•
•
•
•
•
•
•
1. Select a pre-defined Security Profile or click on the “Custom” button to configure individual protocols and services.Caution: Take the required precautions to understand the potential impacts of each individual service configured under the "Custom" profile.Refer to Enabled Protocols and Services under each Security Profile for a comparison of the available services in each security profile. Refer to the Glossary for a definition of the available services.
2. Once you select a security profile or configure a custom profile and apply the changes, the KVM WMI restarts in order for the changes to take effect.