Vulnerability scanning iLO ports on HP servers

[Clifford Collins <collinsc () FRANKLIN EDU>]

Hello! 

We are trying to understand the risk posed by having iLO ports for our servers available to systems administrators on 
an isolated VLAN. We find that our scans of the ports can get bogged down while "spidering" and we are wondering how 
others have tackled this issue. How much of a risk do you see iLO ports being? Do you regularly scan all of them? What 
kind of protection do you use to manage this risk? 

Thanks in advance for your thoughts and comments! 

Clifford A. Collins 
Information Security Officer 
Franklin University 
201 South Grant Avenue 
Columbus, Ohio 43215 
"Security is a process, not a product"