Manualshelf

SeeView Server Gateway (SSG) Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
SSG Component Configuration
HP NonStop SeeView Server Gateway (SSG) Manual526356-004
3-7
Monitoring Only
When configuring your SSG environment, you generally do not want users to share
access to CIs that support sensitive or potentially destructive commands (such as
TACL, SCF, and so forth). In other words, you do not want user A to access the CIs
running under user B’s SSG if those CIs give user A access to sensitive commands.
Thus, a security setting of USER should be used for these CIs. However, you can allow
shared access to safe CIs that provide only status and monitoring information (such as
ASAP, OMFCOM, and so forth). In fact, the SSG is configured in this way by default:
the safe CIs ASAP, EMSA, NSS, and OMFCOM are configured to be shared with ANY
access, but all other CIs are secured with USER access. If the SSG is run in default
mode, all users can share a single SSG and single copy of the safe CIs. However, if
users need to access sensitive CIs via the SSG, each user needs to have their own
SSG and set of CIs.
How you configure your SSG environment depends on how you use the SSG. Although
there are many possibilities, usage can be broadly categorized as Monitoring Only or
Management. To provide security and flexibility, the configuration requirements of each
of these categories differ.
Monitoring Only
For monitoring only, the only applications using SSG services would be state and
status monitoring applications such as ASAP and NSS. In this case, you can share
access to a single SSG and a single set of CIs, because doing so poses no security
risk. Configure the necessary CIs with ANY access, and direct all client applications to
access the same SSG. In addition, there is no need for user-specific CI settings
because there are no default security settings to override. Your
$SYSTEM.SYSTEM.SSGCONF file might contain:
If the application you are running uses the Windows-based Client-Server Gateway
(CSG) to access SSG services, configure the CSG to use this shared SSG. Select the
ViewOptions menu in the CSG main window, which displays the configuration
dialog window as shown in Figure 3-1 on page 3-8:
SET SECURE ASAP ANY ! Share access to ASAP
SET SECURE NSS ANY ! Share access to NSS
SET SECURE OMFCOM ANY ! Share access to OMFCOM
SET SECURE EMSA ANY ! Share access to EMSA
SET SECURE DEFAULT NONE ! Optional; prevents access to other CIs by any user
SET SSGCONFSEARCH OFF ! No need to read the user's SSGCONF file
SET ID $ZSG ! Set the ID of the shared SSG
SET AUTOSTART ON ! Cause SSGCOM to start SSG automatically on demand