Security Policy, Version 1.0
February 23, 2016
HP BladeSystem Onboard Administrator Firmware
Page 9 of 25
© 2016 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Table 2 FIPS 140-2 Logical Interface Mappings
FIPS 140-2
Logical Interface
Physical Port/Interface
HP BladeSystem Onboard
Administrator Firmware
Port/Interface
Data Input
Ethernet RJ4515 connector
Serial RS232 DB-9 connector with
PC16 standard pinout
Backplane connector
TLS17, SSH18, and plaintext sessions
(HTTPS, SOAP, LDAP, NTP19)
Data Output
Ethernet RJ45
connector
Serial RS232 DB-9 connector with
PC standard pinout
Backplane connector
TLS, SSH, and plaintext sessions
(HTTPS, SMTP, LDAP, SOAP)
Control Input
Reset button
Ethernet RJ45 connector
Serial RS232 DB-9 connector with
PC standard pinout
USB 2.0 Type A connector
Insight Display LCD Buttons
Backplane connector
CLI commands
Web GUI interface
Keyboard/Mouse input
Status Output
Ethernet RJ45 connector
Serial RS232 DB-9 connector with
PC standard pinout
VGA DB-15 connector with PC
standard pinout*
Backplane connector
LED indicators
Insight Display LCD
Video output from VGA/LCD
CLI output
Web GUI interface
External Syslog
SMTP
Power Interface
Power Interface
Not Applicable
* Only on the c7000 OA
The OA connects to the BladeSystem Enclosure backplane providing connection pathways to all of the
enclosure modules and subsystems in order to provide administration.
2.4 Roles and Services
The module supports role-based authentication. There are two roles in the module (as required by FIPS 140-
2) that operators may assume: a Crypto-Officer (CO) role and a User role. See the Onboard Administrator
User Guide and Command Line Interface User Guide for more information about the roles and services
provided by the Onboard Administrator.
15 RJ45 Registered Jack 45
16 PC Personal Computer
17 TLS Transport Layer Security
18 SSH Secure Shell
19 NTP Network Time Protocol