- Community Home
- >
- Servers and Operating Systems
- >
- HPE BladeSystem
- >
- BladeSystem - General
- >
- Re: 2 Factor Authentication on C3000 and C7000 enc...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2018 07:22 AM
04-12-2018 07:22 AM
2 Factor Authentication on C3000 and C7000 enclosures.
New to a site and new to enclosures and I've been tasked with 2 Factor Authentication on the C3000 and C7000 enclosures. The firmware goes all the way from 3.31 to 4.60
1) Can it be done?
2) Is there a minimum firware level to have 2 Factor Authentication
3) Tricks to update firmware? Or follow the next version until I'm up to a baseline.
Keep in mind that I'm asking this from a novice persepective as far as enclosures and firmware.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2018 11:41 PM - edited 04-15-2018 11:43 PM
04-15-2018 11:41 PM - edited 04-15-2018 11:43 PM
Re: 2 Factor Authentication on C3000 and C7000 enclosures.
1) Can it be done?
Yes, both C3000 and c7000 can be setup for 2 factor authentication.
2) Is there a minimum firware level to have 2 Factor Authentication
Probably. However there are many convoluted firmware issues, all the enclosures should be updated to the latest.
BUT: Because there MANY models of blades, each with their own firmware that can must be compatible.
3) Tricks to update firmware? Or follow the next version until I'm up to a baseline.
With so many compatibility issues with all the components in enclosures, the upgrade task could take a week of research and many outages for both the enclosures as well as the blades. To avoid unplanned downtime, I would rethink the firmware upgrades just for 2 factor.
Access to the enclosure and blades for service (bad disk, RAM, blade replacement) can be a disaster if authentication can't be provided. The risk to business in losing access to multiple systems should be analyzed carefully. Most requirements for improved security are due to the very poor practice of connecting iLO (console) ports to the company network. EVERY server, switch, disk array, router, etc, should have their console access on a separate, unrouted network. Access to this restricted network would then be through a gateway box (with appropriate authentication requirements).
This separate network also avoids security audit issues where older machines do not have any way to have their network issues fixed. Auditors will likely find Java, telnet, ssh, SSL, etc issues but the manufacturer no longer provides upgrades. By keeping access to the iLO/consoles on an isolated network, business continuity is protected and the equipment can be serviced.
Bill Hassell, sysadmin