Skip to main content

Security considerations

Plan for the security of Lenovo XClarity Administrator and all managed devices.

  • Encapsulation management
    When you manage Lenovo chassis and servers in Lenovo XClarity Administrator, you can configure Lenovo XClarity Administrator to change the firewall rules for the devices so that incoming requests are accepted only from Lenovo XClarity Administrator. This is referred to as encapsulation. You can also enable or disable encapsulation on chassis and servers that are already managed by Lenovo XClarity Administrator.
  • Cryptographic management
    Cryptographic management is composed of communication modes and protocols that control the way that secure communication is handled between Lenovo XClarity Administrator and the managed devices (such as chassis, servers, and Flex switches).
  • Security certificates
    Lenovo XClarity Administrator uses SSL certificates to establish secure, trusted communications between XClarity Administrator and its managed devices (such as chassis and service processors in the System x servers) as well as communications with XClarity Administrator by users or with different services. By default, XClarity Administrator, CMMs, and baseboard management controllers use XClarity Administrator-generated certificates that are self-signed and issued by an internal certificate authority.
  • Authentication
  • User accounts and role groups
    User accounts are used to log in and manage Lenovo XClarity Administrator and all managed chassis and servers. XClarity Administrator user accounts are subjected to two interdependent processes: authentication and authorization.
  • User-account security
    User-account settings control the password complexity, account lockout, and web-session inactivity time-out. You can change the values of the account-security settings.