A.05.80 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2012)

Security Overview
Chapter 2: HP Insight Remote Support Advanced
The BSD system logging protocol, syslog, is an unencrypted and unauthenticated protocol for transmitting system log messages; its traditional format is described in RFC 3164 (later superseded by RFC 5424). Syslog has been assigned UDP port 514, but many implementations also allow TCP for more reliable transmission of data, and RFC 5425 specifies syslog over TLS where confidentiality and sender authentication are required. Alternate ports may also be used.
• TCP
Transmission Control Protocol (TCP), or IP protocol 6, is a transport-layer protocol that provides
reliable in-order delivery of data. TCP is described in RFC 793.
• Telnet
Telnet is an application-layer protocol developed to provide remote terminal sessions. Some older storage devices, routers, switches, and other devices support only telnet for network access, so Insight Remote Support Advanced uses this protocol, despite its weaknesses, to support these legacy devices. Telnet provides no encryption: login credentials and all session data cross the network in cleartext, which is why it is considered an insecure communication service and why most current operating systems use SSH in its place as the standard terminal protocol. Where telnet cannot be avoided, confine it to a dedicated management network. Telnet is described in RFC 854. It has been assigned TCP port 23, but it may be configured to run on other ports.
• UDP
User Datagram Protocol (UDP), or IP protocol 17, is a transport-layer protocol that does not guarantee delivery or ordering the way TCP does. Avoiding the overhead of a connection handshake and of acknowledging every packet makes UDP faster and more efficient for applications that do not need guaranteed delivery, and it is useful for simple applications that can tolerate occasional loss of data. If reliability is required over UDP, the application-layer protocol is responsible for providing its own retry and ordering mechanisms. Because there is no handshake, a UDP receiver also cannot verify the source address of a datagram, so UDP-based management services such as SNMP and syslog should be accepted only from known addresses. Examples of application-layer protocols that use UDP are SNMP, NFS version 2, DNS, NTP, and OpenVPN. UDP is described in RFC 768.
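The syslog item above describes the RFC 3164 message format that arrives on UDP port 514 without any authentication of the sender. The following parser is an added example written for this page, not code from HP or from the Insight Remote Support product: it decodes the PRI value into facility and severity, splits the header and TAG[PID] the way a relay would, and degrades gracefully for the malformed messages RFC 3164 tells relays to expect. The sample messages are constructed (two of them are the examples printed in RFC 3164 section 5.4); the `serve` function and its bind address are illustrative assumptions.

```python
"""Parser for BSD syslog (RFC 3164) datagrams as received on UDP/514.
Added example, not code from the HP document; sample messages are constructed
(two are the examples given in RFC 3164 section 5.4)."""
import re
import socket
from dataclasses import dataclass
from typing import Optional

SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")
FACILITIES = ("kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7")

_PRI_RE = re.compile(r"^<(\d{1,3})>")
# TIMESTAMP is "Mmm dd hh:mm:ss"; the day is space-padded ("Feb  5"), never zero-padded.
_HEADER_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ 1-3]\d \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<rest>.*)$", re.DOTALL)
# RFC 3164 defines TAG as up to 32 alphanumerics; real daemons also use '-', '_', '.'
# and usually append "[pid]" and a colon.
_TAG_RE = re.compile(r"^(?P<tag>[A-Za-z0-9_.-]{1,32})(?:\[(?P<pid>\d+)\])?(?::\s?)?")


@dataclass
class SyslogMessage:
    facility: int
    severity: int
    timestamp: Optional[str]      # None when the sender omitted the header
    hostname: Optional[str]
    tag: Optional[str]
    pid: Optional[int]
    content: str
    well_formed: bool             # False when PRI or header had to be assumed
    peer: Optional[str] = None    # UDP source address: unauthenticated, trivially spoofed

    @property
    def facility_name(self) -> str:
        return FACILITIES[self.facility]

    @property
    def severity_name(self) -> str:
        return SEVERITIES[self.severity]


def parse_syslog(data: bytes, peer: Optional[str] = None) -> SyslogMessage:
    """Parse one datagram.  RFC 3164 senders are sloppy, so the parser degrades
    gracefully (as a relay would) instead of dropping what it cannot fully parse."""
    well_formed = len(data) <= 1024                 # RFC 3164 caps a packet at 1024 bytes
    text = data.decode("ascii", errors="replace").rstrip("\r\n")

    m = _PRI_RE.match(text)
    if m and int(m.group(1)) <= 191:                # valid PRI range is 0..191
        pri = int(m.group(1))
        text = text[m.end():]
    else:
        pri, well_formed = 13, False                # RFC 3164 4.3.3: assume user.notice
    facility, severity = divmod(pri, 8)

    timestamp = hostname = None
    h = _HEADER_RE.match(text)
    if h:
        timestamp, hostname, text = h.group("ts"), h.group("host"), h.group("rest")
    else:
        well_formed = False                         # RFC 3164 4.3.2: header missing

    tag = pid = None
    t = _TAG_RE.match(text)
    if t:
        tag = t.group("tag")
        pid = int(t.group("pid")) if t.group("pid") else None
        text = text[t.end():]

    return SyslogMessage(facility, severity, timestamp, hostname, tag, pid,
                         text.lstrip(), well_formed, peer)


def serve(bind=("0.0.0.0", 514)):
    """Minimal UDP collector (assumed bind address): parse each datagram and
    record who sent it.  Binding port 514 needs root/administrator rights."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(bind)
    while True:
        data, (addr, _port) = sock.recvfrom(2048)
        msg = parse_syslog(data, peer=addr)
        print(f"{addr} {msg.facility_name}.{msg.severity_name} "
              f"{msg.hostname} {msg.tag}: {msg.content}")


if __name__ == "__main__":
    for raw in (b"<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8",
                b"<13>Feb  5 17:32:18 10.0.0.99 Use the BFG!",
                b"<165>Aug  3 09:02:11 fw01 sshd[4242]: Failed password for root",
                b"no priority at all"):
        print(parse_syslog(raw, peer="192.0.2.10"))
```

The `peer` field is deliberately kept separate from the `hostname` found in the message: the hostname is whatever the sender chose to write, and the UDP source address is not verified by any handshake, so neither should be trusted as an identity on its own.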
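The Telnet item above states that the protocol carries no encryption; the script below makes that concrete. It is an added example written for this page, not code from HP or from the product: it strips the RFC 854 IAC negotiation out of a captured byte stream, reports the options each side negotiated, and recovers the login name and password the client typed in answer to the server's prompts. `CAPTURE` is a hand-constructed exchange between a legacy switch and an operator's client; in practice the packets would come from a capture taken on the management network.

```python
"""Reconstruct a captured Telnet session (RFC 854) to show what travels in
cleartext.  Added example, not code from the HP document; CAPTURE is constructed."""
import re
from typing import Dict, List, Tuple

IAC, SB, SE = 255, 250, 240
WILL, WONT, DO, DONT = 251, 252, 253, 254
CMD_NAMES = {240: "SE", 241: "NOP", 242: "DM", 243: "BRK", 244: "IP", 245: "AO",
             246: "AYT", 247: "EC", 248: "EL", 249: "GA", 250: "SB",
             251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
OPT_NAMES = {0: "BINARY", 1: "ECHO", 3: "SGA", 24: "TTYPE", 31: "NAWS", 34: "LINEMODE"}
PROMPT_RE = re.compile(rb"(login|username|password)\s*:\s*$", re.IGNORECASE)


def strip_telnet(data: bytes) -> Tuple[bytes, List[str]]:
    """Split a Telnet byte stream into application data and decoded IAC commands."""
    out = bytearray()
    cmds: List[str] = []
    i, n = 0, len(data)
    while i < n:
        b = data[i]
        if b != IAC:                      # ordinary data byte
            out.append(b)
            i += 1
            continue
        if i + 1 >= n:
            cmds.append("IAC <truncated>")
            break
        c = data[i + 1]
        if c == IAC:                      # IAC IAC escapes a literal 0xFF data byte
            out.append(IAC)
            i += 2
        elif c in (WILL, WONT, DO, DONT): # three-byte option negotiation
            if i + 2 >= n:
                cmds.append("IAC <truncated>")
                break
            opt = data[i + 2]
            cmds.append(f"{CMD_NAMES[c]} {OPT_NAMES.get(opt, opt)}")
            i += 3
        elif c == SB:                     # subnegotiation runs until IAC SE
            j = i + 2
            while j + 1 < n and not (data[j] == IAC and data[j + 1] == SE):
                j += 2 if data[j] == IAC else 1    # skip escaped IAC IAC inside SB
            if j + 1 >= n:
                cmds.append("SB <unterminated>")
                break
            opt = data[i + 2] if i + 2 < j else None
            cmds.append(f"SB {OPT_NAMES.get(opt, opt)} {data[i + 3:j].hex()}")
            i = j + 2
        else:                             # two-byte command (NOP, AYT, GA, ...)
            cmds.append(CMD_NAMES.get(c, f"cmd{c}"))
            i += 2
    return bytes(out), cmds


def reconstruct(packets: List[Tuple[str, bytes]]) -> Dict[str, object]:
    """Walk an ordered capture of (direction, bytes), direction being "server" or
    "client", and recover the cleartext conversation plus whatever the client
    typed in answer to a login/username/password prompt."""
    text = {"server": bytearray(), "client": bytearray()}
    negotiation: List[str] = []
    creds: Dict[str, str] = {}
    pending = None                        # prompt the server has just displayed
    line_buf = bytearray()                # client input may arrive one byte at a time
    for direction, raw in packets:
        data, cmds = strip_telnet(raw)
        negotiation.extend(f"{direction}: {c}" for c in cmds)
        text[direction] += data
        if direction == "server":
            m = PROMPT_RE.search(data)
            if m:
                pending = m.group(1).decode().lower()
        else:
            line_buf += data
            while b"\n" in line_buf:
                line, _, line_buf = line_buf.partition(b"\n")
                if pending:
                    creds[pending] = line.rstrip(b"\r").decode("ascii", "replace")
                    pending = None
    return {"server_text": text["server"].decode("ascii", "replace"),
            "client_text": text["client"].decode("ascii", "replace"),
            "negotiation": negotiation, "credentials": creds}


# Constructed capture: a legacy switch (server) and an operator's client.
CAPTURE = [
    ("server", bytes([IAC, DO, 24, IAC, WILL, 1, IAC, WILL, 3]) + b"\r\nswitch login: "),
    ("client", bytes([IAC, WILL, 24, IAC, DO, 1, IAC, DO, 3, IAC, SB, 24, 0])
               + b"VT100" + bytes([IAC, SE])),
    ("client", b"admin\r\n"),
    ("server", b"admin\r\nPassword: "),   # server echoes the name but not the password
    ("client", b"S3cret!\r\n"),           # the password is still on the wire
    ("server", b"\r\nswitch> "),
]

if __name__ == "__main__":
    result = reconstruct(CAPTURE)
    print("negotiation:", *result["negotiation"], sep="\n  ")
    print("recovered credentials:", result["credentials"])
```

Note that the server turning on ECHO only stops the password from being echoed back on the terminal; it does nothing to the client-to-server direction, which is why the password is recoverable from the capture just as the login name is.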
Central Management Server Deployment
HP Systems Insight Manager (HP SIM) is the foundation for HP's unified server-storage management strategy. It is a multi-platform hardware-level management product that supports HP ProLiant, Integrity and HP 9000 servers, HP StorageWorks MSA, EVA and XP arrays, third-party arrays, HP E-series switches and other HP and non-HP platforms. HP SIM provides the basic management features of system discovery and identification, single event view, inventory data collection, and reporting. HP SIM uses a distributed architecture made up of three types of systems:
• Central Management Server (CMS)
• Managed systems
• Web browser clients
The CMS and the managed systems together are called the HP SIM managed domain. The CMS
executes HP SIM software and initiates central operations within the domain. It also maintains a database
for the storage of persistent objects.
The Central Management Server (CMS) is a customer-provided HP ProLiant server running Windows Server, either directly or as a guest on VMware ESX or ESXi. Besides general system administration, the customer is responsible for all software installation on the CMS and for keeping its operating system, database and management software current with security updates. Insight Remote Support Advanced is supported on Windows Server 2003 (SP1) or later, Windows Server 2008, Windows Storage Server 2008 and Windows Server 2008 R2. Microsoft SQL Server 2005 or 2008 and a supported version of HP SIM are also required. The HP SIM installation will automatically
HP Insight Remote Support Advanced and Remote Device Access (A.05.80) Page 20 of 97