On Thu, 2 Jul 2015 10:11:09 + (UTC)
Chris Olson chris_e_ol...@yahoo.com wrote:
...
My initial recommendation was to use a totally separate network for
any service processors
+1 for this. We typically put all management ports for a
'system/project' on a sep. non-routed eth. segment to
We have recently been asked to evaluate some computing machinery for
a new project. This particular end user has very limited experience
with the stated security requirements in a lights-out environment.
Their primary work (as well as mine) in the past has been with very
small, simple networks of
On Thu, Jul 02, 2015 at 12:30:47PM -0400, Paul Heinlein wrote:
If your admins are comfortable with serial consoles, a concentrator
like those available from Digi or WTI can offer fairly robust access
controls; they can also be set to honor SSH keys rather than
passwords, which may help
On Thu, 2 Jul 2015, Chris Olson wrote:
We have recently been asked to evaluate some computing machinery for
a new project. This particular end user has very limited experience
with the stated security requirements in a lights-out environment.
Their primary work (as well as mine) in the past
https://lwn.net/Articles/630778/
I think you definitely want this stuff as far away from the regular
LAN, let alone the Internet, as possible.
Chris Murphy
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
5 matches
Mail list logo
