HP ProLiant DL185 HP Insight Management Agents architecture for Windows server - Page 15

Replicate Agent Settings service

Get HP ProLiant DL185 - G5 Server PDF manuals and user guides View all HP ProLiant DL185 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 15 highlights

HTTPS, single sign-on, and secure task execution An additional role of the SMH framework is to provide a secure communications environment for the Insight Management Agents architecture. SNMP does not provide secure, encrypted communications between the managed server and the remote requesting process. To address this, the SMH framework implements HTTPS, a separate, SSL-based, secure communications link and protocol between each managed server and the SIM server. While SIM continues to use the standard SNMP service to retrieve basic MIB information, all sensitive traffic (including threshold Sets, configuration data, and other commands) is sent over this secure link using HTTPS. A configurable trust relationship also provides certificate-based authentication between the managed servers and the SIM server. This authentication eliminates the need for a user to manually log-in to each managed server and forms the basis for the Insight Manager single sign-on functionality. Without the SMH framework, SIM single sign-on would not be possible. The trust model also allows SIM to perform automated tasks on managed servers without storing the credentials of the user who sets up the task. This is known as Secure Task Execution. Replicate Agent Settings service The SMH framework implements the remote configuration capabilities of the Insight Management Agents architecture using the Configure Agent Settings functionality, which is part of the Replicate Agent Settings service. To accomplish this, the service establishes a protocol that allows HP SIM to query the SMH framework for the configuration settings of various components of the client-side Insight architecture. This includes the Insight agent settings, general SNMP settings, the SMH security settings, and others. Changes to configuration settings can then be passed back and forth between the SIM server and the SMH framework over the SSL link. When the Replicate Agent Settings service receives the new parameters, it changes the configuration settings on the managed server. The Replicate Agents Settings capability in HP SIM is built using this core service of the SMH framework. In HP SIM, an administrator can use the Replicate Agents Settings functionality to duplicate the agent settings of one reference server across an entire group of managed servers. Without the SMH framework and the Replicate Agents Settings service installed on the managed servers, the Replicate Agents Settings functionality in HP SIM cannot work. 15

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
15
HTTPS, single sign-on, and secure task execution
An additional role of the SMH framework is to provide a secure communications environment for the
Insight Management Agents architecture. SNMP does not provide secure, encrypted communications
between the managed server and the remote requesting process. To address this, the SMH framework
implements HTTPS, a separate, SSL-based, secure communications link and protocol between each
managed server and the SIM server. While SIM continues to use the standard SNMP service to
retrieve basic MIB information, all sensitive traffic (including threshold Sets, configuration data, and
other commands) is sent over this secure link using HTTPS.
A configurable trust relationship also provides certificate-based authentication between the managed
servers and the SIM server. This authentication eliminates the need for a user to manually log-in to
each managed server and forms the basis for the Insight Manager single sign-on functionality.
Without the SMH framework, SIM single sign-on would not be possible. The trust model also allows
SIM to perform automated tasks on managed servers without storing the credentials of the user who
sets up the task. This is known as Secure Task Execution.
Replicate Agent Settings service
The SMH framework implements the remote configuration capabilities of the Insight Management
Agents architecture using the Configure Agent Settings functionality, which is part of the Replicate
Agent Settings service. To accomplish this, the service establishes a protocol that allows HP SIM to
query the SMH framework for the configuration settings of various components of the client-side
Insight architecture. This includes the Insight agent settings, general SNMP settings, the SMH security
settings, and others. Changes to configuration settings can then be passed back and forth between
the SIM server and the SMH framework over the SSL link. When the Replicate Agent Settings service
receives the new parameters, it changes the configuration settings on the managed server.
The Replicate Agents Settings capability in HP SIM is built using this core service of the SMH
framework. In HP SIM, an administrator can use the Replicate Agents Settings functionality to
duplicate the agent settings of one reference server across an entire group of managed servers.
Without the SMH framework and the Replicate Agents Settings service installed on the managed
servers, the Replicate Agents Settings functionality in HP SIM cannot work.