HP 3PAR StoreServ 7450 4-node HP 3PAR Service Processor Software User&#039 - Page 21

HP 3PAR Communication Settings, Customer Controlled Access, Selecting the CCA Settings

Get HP 3PAR StoreServ 7450 4-node PDF manuals and user guides View all HP 3PAR StoreServ 7450 4-node manuals
Add to My Manuals
Save this manual to your list of manuals

Page 21 highlights

4 HP 3PAR Communication Settings This chapter provides an overview of the communication settings available through SPOCC and SPMAINT. These settings enable you to control and monitor communications between the HP 3PAR Storage System and HP 3PAR Headquarters through the Service Processor (SP). There are two methods for controlling communication between the Storage System and HP 3PAR Headquarters: Customer Controlled Access and HP 3PAR Policy Server. Policy Server is a optional feature that requires an HP 3PAR Policy Server license. For information about using Policy Server, see the HP 3PAR Policy Server Installation and Setup Guide. Customer Controlled Access NOTE: If the SP is running in Secure Network Mode (including A-class users), this section does not apply. Customer Controlled Access (CCA), available through SPOCC and SPMAINT, allows you to limit the network communication of external sources from or to the Service Processor (SP). CCA has three settings: • BOTH (or bidirectional HQ communications) is the default position that allows SSH communications outbound from the SP to transfer information back to the connection portal and inbound communications from the connection portal to SP ports 80 or 22, enabling remote operations. • OUT (or outbound-only HQ communications) allows the SP to send data to the connection portal through SSH but blocks remote connectivity. Control sequences such as acknowledgements are allowed in both directions in order to continue communication, but incoming updates, patches, manually requested data, and so on are blocked. • OFF (or turn off HQ communications) blocks all communication between the SP and HP 3PAR Central or a local service provider, both inbound and outbound. CCA works the same whether the connection to HP 3PAR Central or a local service provider is through the network or through a point-to-point modem connection. If the connection is set up to go through the network and out through the Internet, you can also restrict or allow transmissions with the network firewall. Selecting the CCA Settings The default setting for CCA is BOTH. Using either of the other settings can limit maintenance activities or possibly delay the resolution of problems. Consider the following trade-offs when selecting a setting for the HQ Customer Controlled Access: • BOTH - This is the default setting. All transmissions between the Service Processor (SP) and HP 3PAR Central or a local service provider occur without operator intervention. • OUT - The SP can contact HP 3PAR Central or a local service provider to warn of problems, but maintenance and troubleshooting must be handled by on-site technicians. Software upgrades and fixes must be performed manually by inserting a CD-ROM into the SP. The mean time to recovery will likely increase. • OFF - The SP cannot contact HP 3PAR Central or a local service provider when it detects an anomaly, and support technicians cannot operate the SP remotely or download software. Troubleshooting and maintenance must be performed by onsite technicians. Any files that need to be sent to HP 3PAR Central or a local service provider must be sent manually by FTP. Any software upgrades must be performed manually by inserting a CD-ROM into the SP. The mean time to recovery will likely increase. Customer Controlled Access 21

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
4 HP 3PAR Communication Settings
This chapter provides an overview of the communication settings available through SPOCC and
SPMAINT. These settings enable you to control and monitor communications between the HP 3PAR
Storage System and HP 3PAR Headquarters through the Service Processor (SP).
There are two methods for controlling communication between the Storage System and HP 3PAR
Headquarters: Customer Controlled Access and HP 3PAR Policy Server. Policy Server is a optional
feature that requires an HP 3PAR Policy Server license. For information about using Policy Server,
see the
HP 3PAR Policy Server Installation and Setup Guide
.
Customer Controlled Access
NOTE:
If the SP is running in Secure Network Mode (including A-class users), this section does
not apply.
Customer Controlled Access (CCA), available through SPOCC and SPMAINT, allows you to limit
the network communication of external sources from or to the Service Processor (SP).
CCA has three settings:
BOTH (or bidirectional HQ communications) is the default position that allows SSH
communications outbound from the SP to transfer information back to the connection portal
and inbound communications from the connection portal to SP ports 80 or 22, enabling remote
operations.
OUT (or outbound-only HQ communications) allows the SP to send data to the connection
portal through SSH but blocks remote connectivity. Control sequences such as
acknowledgements are allowed in both directions in order to continue communication, but
incoming updates, patches, manually requested data, and so on are blocked.
OFF (or turn off HQ communications) blocks all communication between the SP and HP 3PAR
Central or a local service provider, both inbound and outbound.
CCA works the same whether the connection to HP 3PAR Central or a local service provider is
through the network or through a point-to-point modem connection. If the connection is set up to
go through the network and out through the Internet, you can also restrict or allow transmissions
with the network firewall.
Selecting the CCA Settings
The default setting for CCA is BOTH. Using either of the other settings can limit maintenance
activities or possibly delay the resolution of problems. Consider the following trade-offs when
selecting a setting for the HQ Customer Controlled Access:
BOTH - This is the default setting. All transmissions between the Service Processor (SP) and
HP 3PAR Central or a local service provider occur without operator intervention.
OUT - The SP can contact HP 3PAR Central or a local service provider to warn of problems,
but maintenance and troubleshooting must be handled by on-site technicians. Software
upgrades and fixes must be performed manually by inserting a CD-ROM into the SP. The mean
time to recovery will likely increase.
OFF - The SP cannot contact HP 3PAR Central or a local service provider when it detects an
anomaly, and support technicians cannot operate the SP remotely or download software.
Troubleshooting and maintenance must be performed by onsite technicians. Any files that
need to be sent to HP 3PAR Central or a local service provider must be sent manually by FTP.
Any software upgrades must be performed manually by inserting a CD-ROM into the SP. The
mean time to recovery will likely increase.
Customer Controlled Access
21