HPE iLO 5 Update
iLO5 is now over a year old and quietly HPE have implemented some nice enhancements. Let me describe some of the new features.
With iLO Firmware 1.40 the “iLO Advanced Premium Security” licensed features moved to the “iLO Advanced” license. So, the iLO ASPE License have gone.
To get all the following new features, the update of iLO Firmware alone is not enough. You need some more updates. Here is an overview, that works for me:
The Security Dashboard collects some security settings and displays an overview of the security status. Most systems will now display a red warning.
You can set the first three to ignore and it goes to yellow.
To get the green status the only way is to change the required to minimum.
Now, take a look at Security > Access Settings > iLO
You will find a new entry: “Virtual NIC”
What happens if you enable it? Example on Windows (support for Windows 2016, 2019, SLES 12, 15, RHEL 7.6). The OS will detect a new NIC and this NIC will get a fixed IP address: 188.8.131.52 (this an HPE reserved IP)
This IP is internal only to the Server and does not go outside.
Now you are able to connect to the iLO with this fixed IP address.
Why would you need to do this?
– If you need access to the iLO and have no iLO network connection
– If you need access to the iLO and don’t want to Install the iLO OS driver
When not to use this feature. I have had some trouble when setting up a Windows Cluster and the cluster detected this NIC.
Update Service Settings
Scroll Down to Security > Access Settings > Update Service
This prevents a firmware downgrade to an compromised version.
Attention: permanently means for ever, there is no way to go back.
Intelligent System Tuning
The Performance Monitoring show some historical performance data.
On the bottom page you can set Threshold Alerts. The Workload Performance Advisor compares the historical performance and recommends BIOS settings to enhance the performance.
At the end the best. This has been a customer request for some time to secure erase the complete system. This would be useful If for example you want to resell you old server or have reached the end of your lease and need to wipe the whole system.
Start Intelligent Provisioning
If needed, skip the “First Time Wizard” > Perform Maintenance
Here it is, the “One-button secure erase.”
It not only deletes the volume, it:
– Resets the server to factory defaults
– Wipes the NAND (all ILO settings, logs)
– Erases all secondary storage
– Is compliant to NIST 800-88r1
O.K., this are the main new Features, thanks’ for reading.