Administrator Guide
Technical support and resources
ID 483
3.2.3 SELinux framework
SELinux operates at the core kernel level on the iDRAC and does not need any input or configuration from
users. SELinux logs security messages when an attack is detected. These log messages indicate when and
how an attacker tried to break into the system. These logs are available through SupportAssist to customers
enrolled in this new feature. In a future release of iDRAC, these logs will be available in the Lifecycle
Controller Logs.
3.2.4 Least Required Privilege
3.2.5 Automatic Certificate Enrollment and Renewal
iDRAC9 v4.0 adds a Simple Certificate Enrollment Protocol (SCEP) client; the feature requires a
Datacenter License. SCEP is a protocol standard for managing certificates for large numbers of
network devices through an automatic enrollment process. The iDRAC can now integrate with SCEP-compatible
servers such as the Microsoft Server NDES service to maintain SSL/TLS certificates automatically. This feature
can be used to enroll and renew a web server certificate that is about to expire. This can be done on a
one-to-one basis in the iDRAC user interface, through a Server Configuration Profile, or by scripting with tools such
as RACADM.