ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide
Pre-installation planning
Vulnerability and Patch Management Pack architecture
Determine the appropriate Vulnerability and Patch Management Pack infrastructure for your
server environment.
Shared configuration
Installing HP SIM and the Vulnerability and Patch Management Pack on a single server greatly
simplifies the security configuration by keeping all components on a single host, eliminating any
system requests and responses over the open network. Credential coordination, although necessary
between applications, does not have to extend beyond the boundaries of the single hosting system.
Figure 1. A single-node configuration
Figure 2. A single-node configuration with the VPM Acquisition Utility
The Vulnerability and Patch Management Pack provides an optional acquisition utility that connects to
the selected vendor website and downloads patch information and patch files. This information can
then be imported to the VPM server in the Vulnerability and Patch Management Pack database.
Acquisitions can be run either from the VPM server in situations when the VPM server has direct
access to the Internet or using the VPM Acquisition Utility installed on another system.
11