TheIntelligent Platform Management Interface (IPMI) is a set ofcomputer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system'sCPU,firmware (BIOS orUEFI) andoperating system. IPMI defines a set of interfaces used bysystem administrators forout-of-band management ofcomputer systems and monitoring of their operation. For example, IPMI provides a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell. Another use case may be installing a customoperating system remotely. Without IPMI, installing a custom operating system may require anadministrator to be physically present near the computer, insert aDVD or aUSB flash drive containing the OSinstaller and complete the installation process using a monitor and a keyboard. Using IPMI, an administrator can mount anISO image, simulate an installer DVD, and perform the installation remotely.^[1]

The specification is led byIntel and was first published on September 16, 1998. It is supported by more than 200 computer system vendors, such asCisco,Dell,^[2]Hewlett Packard Enterprise, and Intel.^[3][4]

Using a standardized interface and protocol allows systems-management software based on IPMI to manage multiple, disparate servers. As a message-based, hardware-level interface specification, IPMI operates independently of theoperating system (OS) to allow administrators to manage a system remotely in the absence of an operating system or of thesystem managementsoftware. Thus, IPMI functions can work in any of three scenarios:

• before an OS has booted (allowing, for example, the remote monitoring or changing of BIOS settings)
• when the system is powered down
• after OS or system failure – the key characteristic of IPMI compared with in-band system management is that it enables remote login to the operating system usingSSH

System administrators can use IPMI messaging to monitor platform status (such as system temperatures, voltages, fans, power supplies and chassis intrusion); to query inventory information; to review hardware logs of out-of-range conditions; or to perform recovery procedures such as issuing requests from a remote console through the same connections e.g. system power-down and rebooting, or configuringwatchdog timers. The standard also defines an alerting mechanism for the system to send aSimple Network Management Protocol (SNMP) platform event trap (PET).

The monitored system may be powered off, but must be connected to a power source and to the monitoring medium, typically alocal area network (LAN) connection. IPMI can also function after the operating system has started, and exposes management data and structures to the system management software. IPMI prescribes only the structure and format of the interfaces as a standard, while detailed implementations may vary. An implementation of IPMI version 1.5 can communicate via a direct out-of-band LAN orserial connection or via a side-band LAN connection to a remoteclient. The side-band LAN connection utilizes the boardnetwork interface controller (NIC). This solution is less expensive than a dedicated LAN connection but also has limited bandwidth and security issues.

Systems compliant with IPMI version 2.0 can also communicate viaserial over LAN, whereby serial console output can be remotely viewed over the LAN. Systems implementing IPMI 2.0 typically also includeKVM over IP,remote virtual media and out-of-band embedded web-server interface functionality, although strictly speaking, these lie outside of the scope of the IPMI interface standard.

DCMI (Data Center Manageability Interface) is a similar standard based on IPMI but designed to be more suitable forData Center management: it uses the interfaces defined in IPMI, but minimizes the number of optional interfaces and includes power capping control, among other differences.

An IPMI sub-system consists of a main controller, called the baseboard management controller (BMC) and other management controllers distributed among different system modules that are referred to as satellite controllers. The satellite controllers within the same chassis connect to the BMC via the system interface called Intelligent Platform Management Bus/Bridge (IPMB) – an enhanced implementation ofI²C (Inter-Integrated Circuit). The BMC connects to satellite controllers or another BMC in another chassis via the Intelligent Platform Management Controller (IPMC) bus or bridge. It may be managed with theRemote Management Control Protocol (RMCP), a specialized wire protocol defined by this specification. RMCP+ (aUDP-based protocol with stronger authentication than RMCP) is used for IPMI over LAN.

Several vendors develop and market BMC chips. A BMC utilized for embedded applications may have limited memory and require optimized firmware code for implementation of the full IPMI functionality. Highly integrated BMCs can provide complex instructions and provide the complete out-of-band functionality of a service processor. The firmware implementing the IPMI interfaces is provided by various vendors.Afield-replaceable unit (FRU) repository holds the inventory, such as vendor ID and manufacturer, of potentially replaceable devices. A sensor data record (SDR) repository provides the properties of the individual sensors present on the board. For example, the board may contain sensors for temperature, fan speed, and voltage.

The baseboard management controller (BMC) provides the intelligence in the IPMI architecture. It is a specializedmicrocontroller embedded on themotherboard of acomputer – generally aserver. The BMC manages the interface between system-management software and platform hardware. BMC has its dedicated firmware and RAM.

Different types ofsensors built into the computer system report to the BMC onparameters such astemperature, coolingfanspeeds,power status,operating system (OS) status, etc.The BMC monitors the sensors and can send alerts to asystem administrator via thenetwork if any of the parameters do not stay within pre-set limits, indicating a potential failure of the system. The administrator can also remotely communicate with the BMC to take some corrective actions – such as resetting or power cycling the system to get a hung OS running again. These abilities reduce thetotal cost of ownership of a system.

Systems compliant with IPMI version 2.0 can also communicate viaserial over LAN, whereby serial console output can be remotely viewed over the LAN. Systems implementing IPMI 2.0 typically also includeKVM over IP,remote virtual media and out-of-band embedded web-server interface functionality, although strictly speaking, these lie outside of the scope of the IPMI interface standard.

Physical interfaces to the BMC includeSMBuses, anRS-232serial console, address and data lines and an IPMB, that enables the BMC to accept IPMI request messages from other management controllers in the system.

A direct serial connection to the BMC is notencrypted as the connection itself is secure. Connection to the BMC over LAN may or may not use encryption depending on the security concerns of the user.

There are concerns about the general security of BMCs, as piece of infrastructure with such low-level, wide-ranging access and control over servers. Vendor implementations are ased on closed source and proprietary software, with little to no transparency regarding how they are made and what security vulnerabilities they contain.^[5][6][7][8].

OpenBMC is aLinux Foundation collaborative,free and open source BMC project that aims to build transparent, well-documented and tested BMC management software that would alleviate these issues.^[9]

On 2 July 2013,Rapid7 published a guide to security penetration testing of the latest IPMI 2.0 protocol and implementations by various vendors.^[10]

Some sources in 2013 were advising against using the older version of IPMI,^[5] due to security concerns related to the design and vulnerabilities of Baseboard Management Controllers (BMCs).^[11][12]

However, like any other management interface, best security practices dictate the placement of the IPMI management port on a dedicated management LAN or VLAN restricted to trusted Administrators.^[13]

The IPMI specification has been updated with RAKP+ and a stronger cipher that is computationally impractical to break.^[14] Vendors as a result have provided patches that remediate these vulnerabilities.^{[citation needed]}

TheDMTF organization has developed a secure and scalable interface specification calledRedfish to work in modern datacenter environments.^[15]

Some potential solutions exist outside of the IPMI standard, depending on proprietary implementations. The use of default short passwords, or "cipher 0" hacks can be easily overcome with the use of aRADIUS server forAuthentication, Authorization, and Accounting (AAA) over SSL as is typical in a datacenter or any medium to large deployment. The user's RADIUS server can be configured to store AAA securely in anLDAP database using eitherFreeRADIUS/OpenLDAP or Microsoft Active Directory and related services.

Role-based access provides a way to respond to current and future security issues by increasing amounts of restriction for higher roles.Role-based access is supported with three roles available: Administrator, Operator and User.

Overall, the User role has read-only access of the BMC and no remote control ability such as power cycle or the ability to view or log into the main CPU on the motherboard. Therefore, any hacker with the User role has zero access to confidential information, and zero control over the system. The User role is typically used to monitor sensor readings, after an SNMP alert has been received by SNMP Network Monitoring Software.

The Operator role is used in the rare event when a system is hung, to generate an NMI crash/core dump file and reboot or power cycle the system.In such a case, the Operator will also have access to the system software to collect the crash/core dump file.

The Administrator role is used to configure the BMC on first boot during the commissioning of the system when first installed.

Therefore, the prudent best practice is to disable the use of the Operator and Administrator roles in LDAP/RADIUS, and only enable them when needed by the LDAP/RADIUS administrator. For example, in RADIUS a role can have its setting Auth-Type changed to:

Auth-Type := Reject

Doing so will prevent RAKP hash attacks from succeeding since the username will be rejected by the RADIUS server.

The IPMI standard specification has evolved through a number of iterations:^[16][17]

• v1.0 was announced on September 16, 1998: base specification
• v1.5, published on February 21, 2001: added features including IPMI over LAN, IPMI over Serial/Modem, and LAN Alerting
• v2.0, published on February 12, 2004: added features including Serial over LAN, Group Managed Systems, Enhanced Authentication, Firmware Firewall, and VLAN Support
• v2.0 revision 1.1, published on October 1, 2013: amended for errata, clarifications, and addenda, plus addition of support for IPv6 Addressing
• v2.0 revision 1.1 Errata 7, published on April 21, 2015: amended for errata, clarifications, addenda^[18]

• HPE Integrated Lights-Out, HP's implementation of IPMI
• Dell DRAC, Dell's implementation of IPMI
• Supermicro Intelligent Management, SMCI's implementation of IPMI
• IBM Remote Supervisor Adapter,IBM's out-of-band management products, including IPMI implementations
• MegaRAC,AMI's out-of-band management product and OEM IPMI firmware
• Avocent MergePoint Embedded Management Software, an OEM IPMI firmware
• Cisco Integrated Management Controller (IMC), Cisco's implementation of IPMI
• Lenovo xClarity, Lenovo's implementation of IPMI

• Alert Standard Format (ASF), another platform management standard
• Desktop and mobile Architecture for System Hardware (DASH), another platform management standard
• Intel Active Management Technology (AMT), Intel's out-of-band management product, as an alternative to IPMI
• Management Component Transport Protocol (MCTP), a low-level protocol used for controlling hardware components
• Open Platform Management Architecture (OPMA), AMD's out-of-band management standard
• System Service Processor, on some SPARC machines
• Wired for Management (WfM)

Wikimedia Commons has media related toIntelligent Platform Management Interface.

• Intel IPMI Technical Resources Website
• A Comparison of common IPMI Software open-source projects
• GNU FreeIPMI
• ipmitool
• ipmiutil
• OpenIPMI
• coreIPM Project - open source firmware for IPMI baseboard management
• IPMeye - Centralized out-of-band access for enterprises / Part of VendorN's OneDDI platform

• Computer hardware standards
• System administration
• Out-of-band management
• Computer-related introductions in 1998

• CS1 errors: missing periodical
• Articles with short description
• Short description is different from Wikidata
• All articles with unsourced statements
• Articles with unsourced statements from February 2017
• Commons category link from Wikidata