Users Guide
• InBand iDRAC Access
• InBand SNMP Get
• idrac.local and drac.local
• Auto-update of iSM
Enhanced security between iSM and iDRAC
communication using TLS protocol
Starting iSM 3.4, the data communication between iSM and iDRAC happens through TLS protected USBNIC INET sockets. This ensures
protection of all the data that transports from iDRAC to iSM over USBNIC. iSM and iDRAC use self-signed certificates to control
Authentication. The self-signed certificates have 10 years of validity. Fresh self-signed certificates are generated while installing iSM every
time. Reinstall or upgrade iSM if the certificates expire.
NOTE: iSM reinstall (repair) does not work on Linux operating systems. It is mandatory to uninstall and then install iSM
on Linux operating systems.
NOTE: When iSM's TLS (client) certificate expires, then communication between iSM and iDRAC fails and an OS audit
log is generated indicating the same. This requires you to reinstall iSM on the Host OS.
Both iDRAC and the Host TLS versions should be 1.1 or above. Communication between iSM and iDRAC fails if the TLS protocol version
negotiation fails. If iSM with TLS capability is installed on an iDRAC firmware which does not support TLS communication over USBNIC, it
will work with the non-TLS channel as in the older versions of iSM.
NOTE: If iSM is installed or upgraded to version 3.4.0 or later before iDRAC is upgraded to version 3.30.30.30 or later,
then iSM should be uninstalled and re-installed to establish new TLS certificate.
NOTE: iSM with TLS capability is supported on iDRAC firmware versions 3.30.30.30 and above.
NOTE: iSM without TLS capability does not function on a TLS-capable version of iDRAC firmware. For example: iSM 3.3
or older which are not TLS-capable is not supported on iDRAC firmware 3.30.30.30 and later.
NOTE: If iSM 3.3.0 is installed on iDRAC 3.30.30.30 firmware, multiple events with ISM0050 are observed in LCLog.
iDRAC Service Module monitoring features 39