Manualshelf

ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

ManualsBrandsHP ManualsSoftwareHP Vulnerability and Patch Management Flexible Server License
10111213141516171819
Figure 4. A distributed configuration across three systems with the VPM Acquisition Utility
As in a single-node configuration, the optional VPM Acquisition Utility can be installed and configured
on a separate system. The utility connects to the selected vendor website and downloads patch
information and patch files. This information can then be imported to the VPM server in the
Vulnerability and Patch Management Pack database. Acquisitions can be run either from the VPM
server in situations when the VPM server has direct access to the Internet or using the VPM Acquisition
Utility installed on another system.
Distributed configuration with a separate database
In this configuration, the HP SIM database is installed on a separate server than both HP SIM and the
Vulnerability and Patch Management Pack. This configuration is supported for use with the
Vulnerability and Patch Management Pack. See the HP Systems Insight Manager Installation and User
Guide for information about and requirements for this configuration.
Using an SSL certificate with IIS
An SSL certificate can be used with IIS to provide additional security when using a distributed
configuration. To use IIS Certificate Services with the Vulnerability and Patch Management Pack:
Enable the HP SIM Trust by SSL certificate option. In a distributed configuration, an extra level of
access control can be enabled in HP SIM to allow connections only from certain systems,
depending on the acquisition and deployment of SSL certificates. For more information, see
Understanding HP Systems Insight Manager Security” in the HP SIM Information Library at
http://www.hp.com/go/hpsim.
Install the VPM server SSL certificate. In the distributed environment, requests for Vulnerability and
Patch Management Pack actions from HP SIM should be protected with an HTTPS link. Ensure that
the HTTPS link is established by placing an SSL certificate in the IIS Web service certificate store.
For more information about IIS Certificate Services, see either of the following sources:
http://msdn.microsoft.com/library/default.asp?url=/library/en-s/secmod/html/secmod30.asp
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/
maintain/featusability/c06iis.mspx
13