Manualshelf

HP Global Workload Manager 7.0 User Guide

ManualsBrandsHP ManualsSoftwareHP Matrix Operating Environment w/Insight Control 24x7 Supp Tracking Lic
21222324252627282930
4 Security
This chapter highlights several security items you should be aware of.
General security topics
The following items are a few general topics on security:
HP provides the HP-UX Bastille product, available from http://software.hp.com at no charge,
for enhancing system security.
You can secure gWLM’s communications as explained in the following section.
System Insight Manager allows you to create user roles with different levels of privileges. For
more information, see the System Insight Manager documentation.
For information on authorizations needed to run the HP Matrix Operating Environment, see
the HP Matrix Operating Environment 7.0 Getting Started Guide or the online help topic
Authorizations and Read-only Monitoring.
Securing gWLM communications
By default, gWLM’s communications are not secure, meaning:
The communications between the CMS and the managed nodes are not encrypted
The source and destination of gWLM’s communications are not authenticated
When securing communications, you must do so for every managed node in every SRD managed
by a given CMS.
To secure gWLM’s communications, assuming OpenSSH is installed and configured for System
Insight Manager on each of the managed nodes, select from the System Insight Manager menu
bar:
ConfigureMatrix OE AgentsSecure gWLM Communications…
For more information, see the online help topic “Securing gWLM Communications.
Alternatively, you can secure communications manually by following the steps outlined in
gwlmsslconfig(1M).
NOTE: HP strongly recommends always using gWLM with its communications secured.
Securing database communications
The following sections explain how to secure communications for the databases supported with
gWLM.
Securing Postgres communications
No steps are needed to secure Postgres communications.
Securing Oracle communications
Oracle communications are not secure by default in the HP-UX environment. To secure
communications:
NOTE: This procedures affects gWLM, HP Capacity Advisor, and HP Matrix OE visualization
as they all communicate with the Oracle database in the same manner.
1. Open /etc/opt/gwlm/conf/gwlmcms.properties in a text editor.
2. Set the property com.hp.gwlm.jdbc.oracle.secure to 'on'.
General security topics 27