General security guidelines
When you set up and use iLO, consider the following guidelines for maximizing security:
Set up iLO on a dedicated management network.
Do not connect iLO directly to the Internet.
IMPORTANT:Change the iLO user account passwords immediately if iLO has been connected directly to the Internet.
Install an SSL certificate that is signed by a Certificate Authority (CA).
You can perform this task on the SSL Certificate Information page.
Change the password for your user accounts, including the default user account.
You can perform this task on the User Administration page.
IMPORTANT:Follow the iLO user account password guidelines when you create and update user accounts.
Instead of creating accounts with all privileges, create multiple accounts with fewer privileges.
Keep your iLO and server firmware up-to-date.
Use an authentication service (for example, Active Directory or OpenLDAP), preferably with two-factor authentication.
Disable ports and protocols that you do not use (for example, SNMP or IPMI/DCMI over LAN).
You can perform this task on the Access Settings page.
Disable features that you do not use (for example, remote console).
You can perform this task on the Access Settings page.
Use HTTPS for the remote console.
To configure this option, enable the IRC requires a trusted certificate in iLO setting on the Remote Console & Media page Security tab.
Configure the remote console to automatically lock the server OS console.
To configure this option, configure the Remote Console Computer Lock setting on the Remote Console & Media page Security tab.
Configure a higher security state on the Encryption Settings page.
Configure iLO to require login credentials when users access the iLO 5 Configuration Utility in the UEFI System Utilities.
You can perform this task on the Access Settings page.
Configure iLO to log authentication failures.
You can perform this task on the Access Settings page.
Enable firmware verification scans.
You can perform this task on the Firmware Verification page.
Use the Security Dashboard page to monitor security risks and recommendations.
For more information, see the Top 10 security settings for HPE iLO 5 and Recommended Security Settings in HPE iLO 5 videos.