Manualshelf

Release Notes

ManualsBrandsDell ManualsActive System ManagerOpenManage Enterprise-Modular
11121314151617181920
Important Notes
Topics:
Security
Support for untagged VLAN in FCoE
Networking switches updates
Security
OpenVAS vulnerability scanner may report the following issues:
NVT: OpenSSH 'sftp-server' Security Bypass Vulnerability (Linux) (OID: 1.3.6.1.4.1.25623.1.0.812051). This is a false positive
based on the OpenSSH version that OMEModular carries. No SFTP is exposed or supported.
NVT: SSH Weak Encryption Algorithms Supported (OID: 1.3.6.1.4.1.25623.1.0.105611). OMEModular supports secure
algorithms and upgrades SSH clients to the appropriate option. Configure your SSH client to autonegotiate the crypto
algorithms used.
Security best practices
SNMP
Security scanners may identify SNMP. If you do not use SNMP in your deployment, you can disable SNMP.
If SNMP is required, Dell EMC recommends that the default community name is changed from public.
By default, a self-signed certificate is generated to enable HTTPS communication. Dell EMC recommends generating a CSR
and installing a valid non-self signed certificate.
Besides improving the security of OME-Modular, these actions eliminate warnings that are produced by vulnerability scanners
relating to the default self-signed web server certificate and default SNMP community name.
NOTE: Dell EMC recommends changing the default password for OME - Modular.
Support for untagged VLAN in FCoE
In SmartFabric mode, OS10 enables you to use any untagged VLAN for FCoE Ethernet uplinks and Ethernet server ports, which
are part of the FCoE VLAN. The FCoE uplink identifies FIP Snooping bridge (FSB) mode at the switch. Configure the same
untagged VLAN on the FCoE uplinks and server ports for the FCoE sessions to come up. In SmartFabric mode, you can assign
any untagged VLAN to Ethernet server ports that belong to a FCoE VLAN. The FCoE VLAN can have one or many FC Gateway
uplinks. The FC Gateway uplink identifies N-Port Proxy Gateway (NPG) mode at the switch. Also, you can assign any untagged
VLAN to Ethernet server ports that belong to a FCoE VLAN, which has one or many FC Direct attach uplinks. The FC Direct
attach uplink identifies F-Port mode at the switch.
Restrictions
SmartFabric mode does not support multiple FCoE uplinks from the same IOM.
In FCoE mode, the untagged VLAN on the server port and the FCoE uplink must be the same. This condition ensures that
the untagged FIP VLAN discovery packets in the L2 frame, switch to the untagged VLAN.
You cannot configure multiple FCoE uplinks corresponding to different untagged VLANs.
5
Important Notes 13