we had a consultant firm that did some penetration test and found out that a few of our UCS-B blades add IPMI over lan Active and so where judged a vulnerability because of some password hack in ipmi 2.0.
so we removed all the policies that activated then as this is not needed with UCSM management.
unfortunately even if we cant get access anymore the Lan port UDP/623 is still answering to ipmiutil discovery tools.
all the servers that where not configured are not showing up but the few that where are. Any way to close them permanently so they don't show up in the penetration test?