BladeSystem Management Software

Onboard Administrator (OA) Security best practice

 
chuckk281
Trusted Contributor

Onboard Administrator (OA) Security best practice

Mohammed had a customer question onsetting up the OA:

 

**************

 

Dear Experts

                We have a customer asking for the following due to security requirement …

 

·         We have 16 Servers , 8 of them should be working in the DMZ network which physical isolated , and other 8 will be working in production network , can we have the ILO IP Address with different IP Address and Different VLAN , for example 8 Servers belong to DMZ will have ILO IP Address from DMZ Network and other 8 servers from Prod Network.

 

·         Can we connect physical one OA to DMZ and other one to Prod without Redundancy to achieve the same.

 

***********

 

Reply from Dan:

 

************

 

You can use VLANs to segregate but this requires .1q VLAN tagging on the OA uplinks.

 

No, you cannot have both OAs operational and use different uplinks to access different networks.

 

*************

 

Other comments?