Security guidelines

Learn how to secure your eBMC system.

IBM recommends that you use the following security guidelines for your eBMC system:
  1. Install and operate the eBMC system on a private network or behind a firewall. Avoid placing the system on an external network.
  2. When you plug the eBMC system into the network, log in to the default admin account of the eBMC system and set the password. You can complete this task by using the eBMC web-based Advanced System Management Interface (ASMI) GUI.
  3. Create a separate account for each person or entity that accesses the eBMC system, and assign the appropriate role to each account. From the ASMI GUI, go to Security and access > User management.
  4. Use a strong and unique password for each account. From the ASMI GUI, go to Security and access > User management.
  5. Make sure that you have access to an administrator account for service calls.
  6. Keep the Intelligent Platform Management Interface (IPMI) service of the eBMC system in its default disabled state. The IPMI interface has security vulnerabilities and is deprecated. From the ASMI GUI, go to Security and access > Policies > IPMI. For more information, see Risks of using IPMI on IBM Power systems. Instead of using the IPMI, you can manage the system by using DMTF Redfish APIs.
  7. Create an HTTPS server site-identity certificate and install it onto the eBMC system. From the ASMI GUI, go to Security and access > Certificates > HTTPS Certificate.
  8. Verify that the following eBMC configuration and settings are correctly configured:
    • Settings > Updating date and time settings
    • Settings > Configuring network settings
    • Security and access > User management
    • Security and access > User management > Account policy settings
    • Security and access > Configuring LDAP settings
    • Security and access > Managing certificates
    • Security and access > Managing policies
  9. Keep up with security bulletins and firmware updates. For more information, see https://www.ibm.com/mysupport.
  10. If the eBMC is operated by an IBM Hardware Management Console (HMC), you must consider which eBMC account to use for HMC access. For example, if you use the default admin account of the eBMC and this account is shared by both HMC and ASMI users, then changing the admin account password affects both sets of users.
  11. Limit physical access to the eBMC. For example, you can install the eBMC system in a secure area.
  12. If you change the name, password, role, or access privileges of the eBMC user account, the existing sessions of the user can continue and the change might not become effective until the user logs in again. Rebooting the eBMC is one way to make sure that these changes become effective.
  13. If you change the security access policies (such as disabling IPMI) of the eBMC, you might have to wait 15 seconds or more and might need to reboot the eBMC before the changed policies become effective.
  14. Protect data that is offloaded from the eBMC such as event logs and dumps. For example, store and transmit the data in a secure manner as recommended by your service representative.
  15. Secure the tools that are used to access the eBMC, such as web browsers and Secure Shell (SSH) clients. Insecure tools, tools with insecure configurations, and improperly used tools can leak your eBMC access credentials or sessions.
  16. When you access the eBMC from a web browser, make sure that the web browser has the latest fixes and intended security settings.
  17. When you access the eBMC from a web browser, do not go to other websites in the same browser to help avoid cross-site request forgery (CSRF) attacks.
  18. When you access the Secure Shell (SSH) interfaces of the eBMC, make sure that your SSH client has the latest fixes and verify that your SSH client configuration settings are as intended. For example, if you want the session idle timeout to be effective on the eBMC, you must disable the “keep alive” mechanism of the SSH client; on Linux® clients, this is controlled by the SSH ClientAliveInterval setting.
  19. Monitor the eBMC audit logs. From the ASMI GUI, go to Logs > Viewing audit logs. This feature is available on firmware version FW1060 or later.
  20. If you use Internet Protocol version 6 (IPv6), you can configure the eBMC to use IPv6. This feature is available on firmware version FW1050 or later.
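Guidelines 6 and 8 ask you to keep IPMI disabled and to verify the network and date/time settings. The following added example (not IBM's code) shows how a defender can check those settings over the DMTF Redfish ManagerNetworkProtocol resource instead of clicking through the ASMI GUI; it assumes the manager id `bmc`, a Redfish session token obtained separately, and a constructed sample response for offline use.

```python
"""Check an eBMC's Redfish ManagerNetworkProtocol resource against the security guidelines."""
import json
import ssl
import urllib.request

# Standard DMTF Redfish path; the manager id "bmc" is an assumption (OpenBMC convention).
NETWORK_PROTOCOL_PATH = "/redfish/v1/Managers/bmc/NetworkProtocol"

# Constructed sample response, shaped like the DMTF ManagerNetworkProtocol schema.
SAMPLE_RESPONSE = {
    "HostName": "ebmc-example",
    "HTTPS": {"ProtocolEnabled": True, "Port": 443},
    "IPMI": {"ProtocolEnabled": True, "Port": 623},  # deliberately left enabled for the demo
    "SSH": {"ProtocolEnabled": True, "Port": 22},
    "NTP": {"ProtocolEnabled": False, "NTPServers": []},
}


def evaluate_network_protocols(resource):
    """Return a list of findings; an empty list means the resource matches the guidelines."""
    findings = []
    if resource.get("IPMI", {}).get("ProtocolEnabled"):
        findings.append("IPMI is enabled; guideline 6 says keep it disabled and use Redfish")
    if not resource.get("HTTPS", {}).get("ProtocolEnabled"):
        findings.append("HTTPS is disabled; the ASMI GUI and Redfish depend on it")
    ntp = resource.get("NTP", {})
    if not ntp.get("ProtocolEnabled") or not ntp.get("NTPServers"):
        findings.append("no NTP server configured; guideline 8 asks to verify date and time settings")
    return findings


def fetch_network_protocols(host, token, cafile):
    """Fetch the live resource using an existing Redfish session token (X-Auth-Token header)."""
    # Verify the eBMC's HTTPS certificate (guideline 7) against the CA you installed it from.
    ctx = ssl.create_default_context(cafile=cafile)
    req = urllib.request.Request(
        f"https://{host}{NETWORK_PROTOCOL_PATH}",
        headers={"X-Auth-Token": token, "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Offline run over the constructed sample; swap in fetch_network_protocols(...) for a live eBMC.
    for finding in evaluate_network_protocols(SAMPLE_RESPONSE) or ["no findings"]:
        print(finding)
```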