Firmware security on IB fabrics

I have a fabric with some untrusted hosts on it - some hosts where non-admins have root access.
Is there a way I can prevent these hosts from being able to flash or change the configuration of other devices on the fabric? Both other HBAs and switches?


While managed switches and UFM would still require a password, other IB components may be vulnerable via MADs if the untrusted user has root access.

These types of security/access measures would be better handled in Linux user permissions than in the IB fabric.

If you would like further assistance with helping to find ways to better secure and optimize your fabric, please reach out to your Nvidia account team to request solution engineering assistance.

Thank you