The CMM Secure
security policy is the most secure and least flexible setting that
is available for your configuration.
The Secure security policy establishes a more restrictive chassis
infrastructure with a higher level of control over users and chassis
configuration. It helps secure the chassis environment and enforces
the following conditions:
- Stronger complex password policies for CMM user
accounts.
- Mandatory change of password for all user accounts
at first login. Updated passwords that replace the manufacturing default
passwords are required after the initial setup.
- Only secure communication protocols can be enabled.
Communication protocols that are not secure are disabled: FTP, SNMPv1,
Telnet, TFTP, FTP, and non-secure TCP command mode.
You can select the Secure security policy by using the CMM web
interface or the CMM CLI.
Note: The compute node system-management
processors need to be reset when changing the security policy. The compute node web
interface indicates Lenovo Flex System
chassis components
that must be restarted for security policy changes to take effect.
- In the CMM web
interface, select Security from the Mgt Module Management menu;
then, on the Security Policies page use the slider bar to select Secure,
and click Apply. All fields and options are fully described
in the CMM web
interface online help.
- In the CMM CLI,
use the security -p secure command (see security command for information about command
use).
Note: You cannot access the CMM CLI
through Telnet while using the Secure security policy setting.