Reference Guide
Table Of Contents
- Dell EMC iDRAC Service Module Security Configuration Guide
- Contents
- Overview
- Security quick reference
- Product and subsystem security
- Miscellaneous configuration and management elements
- Internal security information
- Resources and support
- Contacting Dell EMC
Physical security options
Not applicable.
Customer service access
iSM does not use any service specific accounts. The logged-in operating system administrator account will be used for the
invoked operations.
Tamper evidence and resistance
The binaries installed by iSM are signed and the signature is verified by the iSM process at run time before loading. Any failure
to verify the signature of the library prompts an audit logging with critical severity. The iSM service exits after logging the audit
message as a security measure. This is logged in the default operating system log location. The message is as follows:
SEC 0704: The authentication check operation performed by iSM has failed for the
following module or application because either the binary load path is incorrect or the
binary or configuration file is tampered, replaced, or untrusted : <list of app and
modules>. iSM has integrity verification for certain TechSupport Report artifacts like
SPD logs.
Serviceability
iSM does not install specific tools for maintenance. The Dell EMC support team is entitled for the following iSM utilities, but
not restricted only to the following utilities. When a user is logged in as an administrator, the utilities can be used to invoke or
perform any other necessary action.
Table 7. Widely-used iSM utilities
iSM utility name Command line interface User account
ismspdlogs CLI Service personnel as administrator
ismtech CLI Service personnel as administrator
When UEFI Secure Boot is enabled from BIOS interface, the SPD log collection attempts to use the Windows SMM Security
Mitigation Table (WSMT) method.
Security updates and patching
Dell EMC recommends immediate check and installation of any security patch. You can download the latest version of the
product at iDRAC Service Module User's Guide available at https://www.dell.com/idracmanuals.
Customer requirements and updates
Step-by-step instructions are documented in the latest version of the product documentation, iDRAC Service Module User's
Guide available at https://www.dell.com/idracmanuals.
Product and subsystem security
19