Manualshelf

Understanding HP SIM 5.1 and 5.2 security (481362-003, January 2009)

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager 5.x Windows Software
12345678910
Desktop Management Interface (DMI)
DMI is a legacy protocol for management data and has been largely superseded by WBEM. DMI is
based on Distributed Computing Environment Remote Procedure Call (DCE/RPC) and is not secure.
Remote Method Invocation (RMI)
Java™ RMI is used within the CMS only for inter-process communication.
Remote Wake-Up
Remote Wake-Up refers to the ability to remotely turn on a system that is in a soft-off power state.
Systems that support the Advanced Configuration and Power Interface (ACPI) should be awakened
transparently by any network activity to the system. Alternatively, a system might support the Magic
Packet technology. When a system is turned off, the Magic Packet–capable network interface card
(NIC) is still powered on and monitoring traffic. If it receives the Magic Packet targeting it, the system
will be powered on.
Internet Control Message Protocol (ICMP)
ICMP is used during automatic system discovery and prior to other requests to a system to ensure the
system is responding. An ICMP echo request, also known as a ping, is sent to the system’s IP address.
Receipt of a proper reply indicates the system is up and responding.
Note: HP SIM can be configured to use TCP as a ping, instead of ICMP, from the Global Protocol
Settings page.
Lightweight Directory Access Protocol (LDAP)
LDAP 3 is used during execution of a Directory Group tool to communicate with the configured
directory server to collect information about systems configured in the directory.
Simple Object Access Protocol (SOAP)
SOAP is used by partner applications to communicate with HP SIM. It is primarily XML over HTTPS.
Securing communication
Secure Sockets Layer (SSL)
SSL is an industry-standard protocol for securing communications across the Internet. It provides for
encryption to prevent eavesdropping as well as data integrity to prevent modification, and it can also
authenticate both the client and the server, leveraging public-key technology. All communications
between the browser and the CMS are protected by SSL. HP SIM supports both SSL 3 and Transport
Layer Security (TLS) 1.0.
Secure Shell (SSH)
SSH is an industry-standard protocol for securing communications. It provides for encryption to
prevent eavesdropping plus data integrity to prevent modification, and it can also authenticate both
the client and the server utilizing several mechanisms, including key-based authentication. HP SIM
supports SSH 2.