What is the RMM or Remote Control?

The Remote Control  is a remote access and management hardware module that allows you to setup, monitor and troubleshoot your Self-Managed server from a remote location. It is a feature of all Self-Managed products and is used for:

  • Initial server setup, ongoing production monitoring and troubleshooting.
  • Server recovery and maintenance.
  • Email notification of warning or critical events.
  • Remote access to allow remote monitoring of hardware health, complete power control and software installation maintenance.

Important Security recommendations

Please implement these security measures to prevent this device and IP from being used in abuse scenarios, such as external attacks of 3rd party systems or the sending of spam mails via the mail sending mechanism of the hardware module.

The following security measures are recommended according to your relevant software:

  • 1.  Delete unnecessary users and reset password(s)

    1. Log in to the Remote Control 
    2. Select the Configuration tab from the top menu remote-intel-1
    3. Select Users from the left hand menu remote-intel-2a
    4. Delete all users that are not required by selecting the UserID and then clicking the Delete User button. Only the root user can’t be deleted and may be the only one required.
    5. Update the user(s) passwords: select the relevant user, then click Modify User.remote-intel-3
    6. Ensure that Change Password is ticked and then specify a new password of up to 16 characters.remote-intel-4
    7. Click Modify

    You have now successfully updated your password for your user.

    2. Install an SSL certificate

    Upload an SSL certificate and privacy key, which allows the device to be accessed in a secure mode.

    On the Configuration tab, select SSL.

    3. Set timeout after failed log in attempts

    You have the option of choosing your own timeout interval and number of failed log in attempts. We suggest a fairly long timeout e.g. 15 minutes to deter brute force login attempts.

    On the Configuration tab, select Login from the left menu.

    4. Delete all services that are not used or required

    If you don’t use certain services provided as options, e.g. mail, rather delete these services to avoid the risk of them being used for abuse.

  • 1. Delete unnecessary users and reset password(s)

    1. Log in to the Remote Control 
    2. If a Runtime error notification pops up, press Cancel
    3. Select the Configuration tab from the top menu remote-supermicro-1
    4. Select Users from the left side menu remote-supermicro-2
    5. Delete all users that are not required by selecting the UserID and then clicking the Delete User button. Only the root user can’t be deleted and may be the only one required.
    6. Update the user(s) passwords: select the relevant user, then click Modify User.
    7. remote-supermicro-3
    8. Ensure that Change Password is ticked and then specify a new password of up to 19 characters.
    9. Select the Modify button at the bottom of the page.remote-supermicro-4

    2. Install an SSL certificate

    Upload an SSL certificate and privacy key, which allows the device to be accessed in a secure mode.  On the Configuration tab, select SSL certification then browse and upload the SSL certificate and privacy key. 

    3. Block ports

    On the Configuration tab, select Port from the left menu. The current or default ports will be displayed. You can change the default ports to those that are not commonly used to reduce the risk of malicious entry via these ports. Click Save.

    4. IP access control

    This firewall feature allows you to limit access except from your IP(s) e.g. your office. Enabling the IP Access Control allows you to create IP Access rules.

    • On the Configuration tab, select IP Access
    • Tick to activate Enable IP Access Control 
    • Click Add to add your rule, providing your IP address.
    • Enter the information needed
      • IP Address/Mask: This item allows you to grant access to a specific IP address or a range of IP addresses. For example, if you wanted to specify a range of IP addresses from 192.168.0.1 to 192.168.0.126, you would enter 192.168.0.1/25.
      • Policy: Select to allow access for the IP address(es) entered above. Select Drop to deny access.
      • Click Save

    5. Delete all services that are not used or required

    If you don’t use certain services provided as options, e.g. mail, rather delete these services to avoid the risk of them being used for abuse.

  • Did you find this article helpful?
  • YesNo

Related Posts:

Do you need further assistance? Contact us