Abstract: Systems and methods for bypassing firewalls using a server management protocol is provided. In various embodiments, a proxy component serves as a “man-in-the-middle” between an edge client and a server client. The proxy component can receive a server connection request from the edge client to connect to a requested server client using a managed network name associated with the server client. The proxy component can establish a proxy connection with the requested server client, and routing data packets between the server client and the edge client. The edge client and the server client are connected without the public advertisement of the private addresses of the edge client and the server client.

Abstract: A system to facilitate communication between a cloud system and an edge server is described. The system includes one or more processors to execute a translation service to receive a first request operation from a cloud service, wherein the first request operation comprises a first communication protocol supported by the cloud service, translate the first request operation to a second communication protocol supported by a first edge server, wherein the second communication protocol is different from the first communication protocol and transmit the translated first request operation to the first edge server.

Abstract: In some examples, a device receives a plurality of encryption keys from a secure storage of a management controller, where a first encryption key of the plurality of encryption keys is for site-wide access of information on removable storage media plugged into respective computers of a site, and a second encryption key of the plurality of encryption keys is to restrict access of information on removable storage media plugged into a subset of the computers. The device uses a given encryption key of the plurality of encryption keys to encrypt information written to or decrypt information read from a first removable storage medium plugged into a first computer of the computers, wherein the management controller is associated with and is separate from a processor of the first computer.

Abstract: Systems and methods for bypassing firewalls using a server management protocol is provided. In various embodiments, a proxy component serves as a “man-in-the-middle” between an edge client and a server client. The proxy component can receive a server connection request from the edge client to connect to a requested server client using a managed network name associated with the server client. The proxy component can establish a proxy connection with the requested server client, and routing data packets between the server client and the edge client. The edge client and the server client are connected without the public advertisement of the private addresses of the edge client and the server client.

Abstract: A system to facilitate communication between a cloud system and an edge server is described. The system includes one or more processors to execute a translation service to receive a first request operation from a cloud service, wherein the first request operation comprises a first communication protocol supported by the cloud service, translate the first request operation to a second communication protocol supported by a first edge server, wherein the second communication protocol is different from the first communication protocol and transmit the translated first request operation to the first edge server.

Abstract: In some examples, a device receives a plurality of encryption keys from a secure storage of a management controller, where a first encryption key of the plurality of encryption keys is for site-wide access of information on removable storage media plugged into respective computers of a site, and a second encryption key of the plurality of encryption keys is to restrict access of information on removable storage media plugged into a subset of the computers. The device uses a given encryption key of the plurality of encryption keys to encrypt information written to or decrypt information read from a first removable storage medium plugged into a first computer of the computers, wherein the management controller is associated with and is separate from a processor of the first computer.

Abstract: A method disclosed herein relates to a proxy application that connects to an input/output controller (IOCTL) interface driver. The IOCTL interface driver transfers IOCTL commands to a baseboard management controller (BMC). The proxy application receives, through the IOCTL interface driver, an application protocol request over an IOCTL command from the BMC. The application protocol request includes a computing devices configuration, a computing devices configuration option, and user interface data. The proxy application also receives an update to the computing devices current configuration based on the computing devices configuration option. The proxy application generates a new application protocol request over the IOCTL command based on the update to the computing devices current configuration. The proxy application transmits, through the IOCTL interface driver, the new application protocol request over the IOCTL command to the BMC.

Abstract: Examples provided relate to adding a network unit to a management group. An example method includes receiving a numeric code on a first network unit from a button on a front panel of the first network unit. The numeric code is received on a second network unit using a button on a front panel of the second network unit. The first network unit is added to the management group of the second network unit.

Abstract: In an example, a device comprises a baseboard management controller (BMC). The BMC comprises non-volatile storage storing a service operating system (OS). The BMC also comprises a processor. The processor may: receive, by a baseboard management controller (BMC), a request to modify the non-volatile storage, wherein the request comprises a signature, determine, by the BMC, based on a received signature, and a key for modifying the non-volatile storage, whether the request to modify the non-volatile storage is properly signed, and responsive to determining the request to modify the non-volatile storage is properly signed: allow modification of the non-volatile storage.

Abstract: Examples disclosed herein relate to using a baseboard management controller (BMC) of a computing device with a private and public key that is used for license provisioning. A public key is obtained from the BMC. The public key is sent to a license device external to the computing device. Encrypted license information is received from the license device. Decrypted license information is obtained from the BMC based on the encrypted license information.

Abstract: A method disclosed herein relates to a proxy application that connects to an input/output controller (IOCTL) interface driver. The IOCTL interface driver transfers IOCTL commands to a baseboard management controller (BMC). The proxy application receives, through the IOCTL interface driver, an application protocol request over an IOCTL command from the BMC. The application protocol request includes a computing devices configuration, a computing devices configuration option, and user interface data. The proxy application also receives an update to the computing devices current configuration based on the computing devices configuration option. The proxy application generates a new application protocol request over the IOCTL command based on the update to the computing devices current configuration. The proxy application transmits, through the IOCTL interface driver, the new application protocol request over the IOCTL command to the BMC.

Abstract: In an example, a device comprises a baseboard management controller (BMC). The BMC comprises non-volatile storage storing a service operating system (OS). The BMC also comprises a processor. The processor may: receive, by a baseboard management controller (BMC), a request to modify the non-volatile storage, wherein the request comprises a signature, determine, by the BMC, based on a received signature, and a key for modifying the non-volatile storage, whether the request to modify the non-volatile storage is properly signed, and responsive to determining the request to modify the non-volatile storage is properly signed: allow modification of the non-volatile storage.

Abstract: Examples provided relate to adding a network unit to a management group. An example method includes receiving a numeric code on a first network unit from a button on a front panel of the first network unit. The numeric code is received on a second network unit using a button on a front panel of the second network unit. The first network unit is added to the management group of the second network unit.

Abstract: A server system may include a baseboard management controller and a host system. The baseboard management controller may obtain an identification of a peer system over a management network connection. The baseboard management controller may provide the identification of the peer system to the host system. The host system may use the identification of the peer system to obtain a virtual machine image.

Abstract: A method includes upon receiving a request from a user to perform an operation on a device that is running under an operating system, authenticating the user on the basis of credential data that is retrieved from a data storage unit that is associated with a lights-out management (LOM) capability of the device. If authentication of the user is successful, the user is enabled to perform the operation.

Abstract: A method includes upon receiving a request from a user to perform an operation on a device that is running under an operating system, authenticating the user on the basis of credential data that is retrieved from a data storage unit that is associated with a lights-out management (LOM) capability of the device. If authentication of the user is successful, the user is enabled to perform the operation.

Abstract: A method includes upon receiving a request from a user to perform an operation on a device that is running under an operating system, authenticating the user on the basis of credential data that is retrieved from a data storage unit that is associated with a lights-out management (LOM) capability of the device. If authentication of the user is successful, the user is enabled to perform the operation.