Security settings
The Security settings enable you to:
HPE OneView offers options to configure management appliances to be compliant with the Federal Information Processing Standard FIPS-140-2 (FIPS 140-2) and Commercial National Security Algorithm (CNSA) standards, or to continue using the legacy cryptography mode. In the FIPS 140-2 and CNSA mode, the appliance restricts protocol versions, cipher suites, and digital certificate strength to FIPS 140-2 and CNSA-compliant ones, respectively.
Use of certificates for authentication over Transport Layer Security (TLS).
Customizable TLS versions - REST API to selectively disable TLS1.0 and/or TLS1.1.
Separation of the data and management environments, which is critical to protect against Denial of Service attacks.
Two-factor authentication to provide authentication using smart cards.
Certificate management to improve the policies and procedures for managing certificate-based trust.
Single sign on to iLO and Onboard Administrator without storing user-created iLO or Onboard Administrator credentials.
Generate a self-signed certificate when authentication by a certificate authority is not required or available.
An automated remote backup feature that allows you to set the day and time a backup will be performed and the ability to specify a remote SSH or SFTP server to store the backup files automatically.
Generate a Certificate Signing Request (CSR) for a certificate that establishes the authenticity of your public keys and verifies them through a certificate authority.
View certificate settings.
Support for authentication and authorization using an optional directory service such as Microsoft Active Directory.
Install Hewlett Packard Enterprise public key to validate the authenticity and integrity of files delivered as part of the HPE OneView update process. If the key ever expires or is revoked, you can download the current key from https://www.hpe.com and upload it into the appliance.