Users Guide
Configuring Security Features 215
Several situations might call for disabling DRAC 5 remote vKVM. For
example, administrators may not want a remote DRAC 5 user to view the
BIOS settings that they configure on a system, in which case they can disable
remote vKVM during the system POST by using the
LocalConRedirDisable command. They may also want to increase
security by automatically disabling remote vKVM every time an administrator
logs in to the system, which they can do by executing the
LocalConRedirDisable command from the user logon scripts.
NOTE: See the white paper on Disabling Local Configuration and Remote Virtual
KVM in the DRAC on the Dell Support site at support.dell.com/manuals for more
information.
For more information on logon scripts, see
technet2.microsoft.com/windowsserver/en/library/31340f46-b3e5-4371-
bbb9-6a73e4c63b621033.mspx.
Securing DRAC 5 Communications Using SSL and
Digital Certificates
This subsection provides information about the following data security
features that are incorporated in your DRAC 5:
• "Secure Sockets Layer (SSL)" on page 215
• "Certificate Signing Request (CSR)" on page 216
• "Accessing the SSL Main Menu" on page 216
• "Generating a New Certificate Signing Request" on page 218
• "Uploading a Server Certificate" on page 219
• "Uploading a Server Certificate" on page 219
Secure Sockets Layer (SSL)
The DRAC includes a Web server that is configured to use the
industry-standard SSL security protocol to transfer encrypted data over the
Internet. Built upon public-key and private-key encryption technology, SSL is
a widely accepted technique for providing authenticated and encrypted
communication between clients and servers to prevent eavesdropping across
anetwork.