System information
Introduction 3
Overview of OnBoard Features for Administrators
Overview of OnBoard Features for
Administrators
The OnBoard mediates between authorized users (who may be either local or
remote users on the public network) and devices that are connected to the
OnBoard’s private Ethernet ports. Connected devices are almost always
isolated on a private network that cannot be accessed except by going through
the OnBoard.
Communications between users and the OnBoard and through the OnBoard to
connected devices are protected by SSH encryption. Communications
between the OnBoard and the connected devices are proxied and the
potentially vulnerable protocols used by most service processors are not
exposed on the public network.
Administration of the OnBoard is separate from management of the connected
devices: multiple authorized users can manage connected devices while only
OnBoard administrators can configure access and security on the OnBoard.
The OnBoard provides a set of security features not available in any service
processor management product from any other vendor. The following table
lists the features that OnBoard administrators can configure to control access
to connected devices and to enforce an organization’s security policies and
lists where the features are documented in more detail.
Table 1-1: Security Features and Where Documented
Security Feature Where Documented
Authentication for accessing the OnBoard and
connected devices
“OnBoard Authentication Options” on
page 4
One-time passwords “One-time Password Authentication on
the OnBoard” on page 10
Authorizations
assigned to users and groups to
control access to connected devices
“Types of Users” and “Types of User
Authorizations” in AlterPath OnBoard
User’s Guide