iDRAC and network security
iDRAC is a powerful tool for performing various tasks remotely on LiveWire; however, there are potential network security vulnerabilities when using iDRAC.
Below are some suggestions to ensure that vulnerabilities through iDRAC are minimized:
◦ Restrict iDRAC to Internal Networks: Restrict iDRAC traffic to trusted internal networks. Traffic from iDRAC (usually UDP port 623) should be restricted to a management VLAN segment with strong network controls. Scan for iDRAC usage outside of the trusted network, and monitor the trusted network for abnormal activity.
◦ Utilize Strong Passwords: Make sure the iDRAC password on LiveWire is set to a strong, unique password. See Changing the default password.
◦ Encrypt Traffic: Enable encryption on iDRAC, if possible. For example, use HTTPS in your web browser's URL location field when connecting to iDRAC (e.g., 'https://xxx.xxx.xxx.xxx').