Secure security policy
The CMM Secure security policy is the most secure and least flexible setting that is available for your configuration.
The Secure security policy establishes a more restrictive chassis infrastructure with a higher level of control over users and chassis configuration. It helps secure the chassis environment and enforces the following conditions:
- Stronger complex password policies for CMM user accounts.NoteFor more information about the default password policy settings for the Secure security policy, see
High user account policy settings. - Mandatory change of password for all user accounts at first login. Updated passwords that replace the manufacturing default passwords are required after the initial setup.
- Only secure communication protocols can be enabled. Communication protocols that are not secure are disabled: FTP, SNMPv1, Telnet, TFTP, FTP, and non-secure TCP command mode.
You can select the Secure security policy by using the CMM web interface or the CMM CLI.
Note
The compute node system-management processors need to be reset when changing the security policy. The compute node web interface indicates Lenovo Flex System chassis components that must be restarted for security policy changes to take effect.
- In the CMM web interface, select Security from the Mgt Module Management menu; then, on the Security Policies page use the slider bar to select Secure, and click Apply. All fields and options are fully described in the CMM web interface online help.
- In the CMM CLI, use the security -p secure command (see security command for information about command use).
Note
You cannot access the CMM CLI through Telnet while using the Secure security policy setting.
Give documentation feedback