Configuring additional security settings

Procedure

To configure additional security, complete one or more of the following steps.

• Lenovo XClarity Orchestrator uses SSL certificates to establish secure, trusted communications between XClarity Orchestrator and the resource managers (such as Lenovo XClarity Administrator), as well as communications with XClarity Orchestrator by users. By default, XClarity Orchestrator and the resource managers use XClarity Orchestrator-generated certificates that are self-signed and issued by an internal certificate authority (CA).

  You can choose to generate a certificate signing request (CSR) for signing by an external certificate authority, such as your organization’s certificate authority or a third-party certificate authority (see Installing a trusted, externally-signed XClarity Orchestrator server certificate).

• You can import trusted certificates for external services into the XClarity Orchestrator truststore to establish a secure connection to resource managers and event forwarders, such as Splunk (see Adding a trusted certificate for external services).
• You can import trusted certificates for internal services into the XClarity Orchestrator truststore to establish a secure connection to resource managers and trusted LDAP servers (see Adding a trusted certificate for internal services).
• Configure the security settings for password complexity, account lockout, and web session inactivity time-out settings. For more information about these settings, see Configuring user security settings.