Skip navigation
Electronic Design

IPMI 2.0 Improves Security, Remote Management

An enhanced version of the Intelligent Platform Management Interface, IPMI 2.0, provides a more secure environment for the embedded manageability of servers, server blades, network storage, network systems, and telecommunications equipment.

Version 2.0 delivers enhanced security above the features that are incorporated in version 1.5. For example, console redirection supports both remote viewing of the boot process and emergency management consoles. The specification also enhances support for modular systems such as blade computer cards. Of course, it's backward-compatible with IPMI 1.5 systems.

The enhanced security is achieved by incorporating new authentication procedures based on the SHA-1 algorithm and encryption based on the AES standard. These enhancements reduce operational risk by securing the remote operations. Sensitive functions such as password configuration then can be completed without the fear that the new passwords will be intercepted.

The console redirection capability provides a standard way of remotely viewing server consoles, irrespective of vendor type, to diagnose and repair server related issues. This will reduce the number of midnight or weekend runs to the computer center to troubleshoot balky systems.

Improved support for modular systems enables the hardware to report the status of the blades during hot-swap operations or provide redundancy switchover by monitoring the secondary IPMI bus. This is very helpful in Advanced Telecom Computing Architecture (ATCA) products.

Local-area-network (LAN) sessions use a command set called the cipher suite discovery. These commands are used to determine which authentication, integrity, and confidentiality algorithm Cipher Suite(s) can be used to establish the connection to IPMI v1.5 or v2.0 systems.

Multiple types of payloads also can be carried over a single IPMI session. Or, payloads can be launched to a dedicated session. New packet formats are available in v2.0, like enhanced authentication and encryption, virtual-LAN addressing, and multiple payload types. The payload packets can carry secure and nonsecure traffic.

For more information, go to

TAGS: Intel
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.