HP Integrity Virtual Server Manager 6.3 User Guide
You can also save the user name and password entries in obscured format in the file system. This
allows you to use the same setting each time you enter Integrity Virtual Server Manager through
HP SMH. To save these entries, select the Save user name and password settings in the file system
check box, and then click OK. This information is obfuscated before being stored.
If you do not want to provide this security information for the current session, click Cancel. Integrity
Virtual Server Manager continues without collecting this data. If you do not want to provide this
additional data for subsequent uses of Integrity Virtual Server Manager, and you do not want to
be prompted for it on each entry into Integrity Virtual Server Manager, make sure all entries on
the page are blank, select the check box to save the credentials to file, and click OK. Empty
credentials are stored, and this prevents the WBEM credentials page from being displayed on
subsequent entries into Integrity Virtual Server Manager.
If you require the additional security provided by certificate validation, you can turn on SSL certificate
validation by checking the Require trusted certificates check box. If this box is checked, you must
store the valid certificates for the VMs or vPars in a keystore on the VSP to indicate that connections
to those VMs or vPars are trusted; otherwise, some information is not displayed by Integrity Virtual
Server Manager. For example, if a certificate is missing, utilization meters are labeled No Data.
For more information about trusted certificates and how to store them in a keystore on the VSP,
see “Trusted certificates” (page 18).
You can use the basic features of the HP SMH version of Integrity Virtual Server Manager without
exposing user credentials or configuration data on the local network. In this case, you see a subset
of the potential information that the Integrity Virtual Server Manager can display. To have all data
displayed, the following steps are required.
NOTE: Displaying all the information about the VMs or vPars' configuration exposes the credentials
of a connecting user.
1. Create a nonlogin, nonprivileged account on each VM or vPar to which Integrity Virtual Server
Manager might connect and whose credentials can be intercepted on the network. Although
these credentials are restricted to nonlogin capabilities, they can also be used to gain access
to other data or actions available using WBEM and other nonlogin services, including those
from additional providers that are registered on the system.
2. Optional, for additional security: If local policy is to avoid exposure of any account credentials
on your network, or if you do not want to expose the VM or vPar configuration data, then
configure an SSH or IPSec tunnel from the VSP system to each VM or vPar for port 5989 (HP
WBEM Services).
The following types of information require credentials for each VM or vPar for which information
is to be gathered:
• Operating System: If the required credentials are not set for a VM or vPar, Integrity Virtual
Server Manager cannot contact the machine. Integrity Virtual Server Manager displays the
expected operating system (if the operating system was set during configuration of the VM or
vPar, or if the guest operating system on the VM or vPar has been booted). If the credentials
are set and the VM or vPar is running with the proper provider, Integrity Virtual Server Manager
displays the operating system and version number.
• Utilization: If the required credentials are not set for a VM or vPar, the utilization meters for
VM-specific or vPar-specific items are dimmed. (Meters specific to a VM or vPar are located
on such Integrity Virtual Server Manager pages as the VSP Virtual Servers tab, the VMs or
vPars Properties Network and VMs or vPars Properties Storage tabs, and the VMs or vPars
Properties General tab. For more information about these tabs, see Chapter 4 (page 27).)
Meters for the VSP and VSP resources are still available if the VSP's WBEM Utilization Provider
is running.
The data is a 5-minute average that is calculated and updated on 5-minute boundaries.
Setting security credentials 17