A Security Profile consists of a set of parameters that can be configured in order to have more control over the services that are active at any time. There are three pre-defined security profiles with pre-set parameters. In addition, a Custom Security Profile is provided where an administrator can configure individual protocols and services.
1. Secure - The Secure profile disables all protocols except SSHv2 and HTTPS. SSH root access is not allowed. Direct access to KVM connections are not available.
2. Moderate (Default) - The Moderate profile is the recommended security level. This profile enables SSHv1, SSHv2, HTTP, HTTPS, and Telnet. In addition, ICMP and HTTP redirection to HTTPS are enabled. Direct access to KVM connections are not available.
3. Open - The Open profile enables all services such as Telnet, SSHv1, SSHv2, HTTP, HTTPS, SNMP, RPC, ICMP, and Telnet. Direct access to KVM connections are available.The following table show the enabled protocols and services under each Security Profile.
•
• Moderate (Default)
•
•
•
•
• HTTP redirection to HTTPS
•
•
• Direct Access to KVM Ports
•
•
•
•
•
• The Custom Security Profile opens up a dialog box to allow custom configuration of individual protocols and services.Caution: By default a number of protocols and services are enabled in the Custom Security Profile, however, the protocols and services are user configurable for site specific requirements. Take the required precautions to understand the potential impacts of each individual service configured under Custom Security Profile.The following table show the available protocols and services under the Custom Security Profile.
•
•
• SSH port 22allow Direct Access to KVM Ports
•
•
•
•
•
•
•
•
1. Select a pre-defined Security Profile or click on the “Custom” button to configure individual protocols and services.Caution: Take the required precautions to understand the potential impacts of each individual service configured under the "Custom" profile.Refer to Enabled Protocols and Services under each Security Profile for a comparison of the available services in each security profile. Refer to the Glossary for a definition of the available services.
2. Once you select a security profile or configure a custom profile and apply the changes, the KVM/netPlus WMI restarts in order for the changes to take effect.