HP Application Recovery Manager software A.06.10 Installation and licensing guide (March 2008)

to reduce these risks. These settings are described later on in this chapter. See
also Start backup specification user right on page 108.
Application Recovery Manager comes with only a few predefined user groups.
It is recommended to define specific groups for each type of user in the Application
Recovery Manager environment to minimize the set of rights assigned to them.
The configuration of users is connected with user validation (see
Strict hostname checking on page 106). Enhanced validation can be worthless
without careful user configuration and vice versa - even the most careful user
configuration can be worked around without the enhanced validation.
It is important that there are no weak user specifications in the Application
Recovery Manager user list.
NOTE:
The host part of a user specification is the strong part (especially with the enhanced
validation), while user and group parts cannot be verified reliably. Any user with
powerful user rights should be configured for the specific client they will use for
Application Recovery Manager administration. If multiple clients are used, an entry
should be added for each client, rather than specifying such a user as
user, group, <Any>. Non-trusted users should not be allowed to log on to any of those systems.
See also the online Help index: configuring, users for details on configuring users.
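The following Python example is an added illustration, not part of the HP guide or the product. It audits a user list for the weak specifications the NOTE describes, flagging entries whose host part is <Any>. The CSV layout, the user group names and the choice of which groups count as powerful are assumptions made for the example; the sample rows are constructed.

```python
import csv
import io

ANY = "<Any>"  # wildcard host as written in the guide's NOTE

# Assumption: which product user groups carry powerful rights is site-specific.
POWERFUL_GROUPS = {"admin"}

# Constructed sample in a hypothetical export layout (not the product's own file format):
# user name, OS group, client host, product user group.
SAMPLE = """\
user,group,host,arm_group
backupadm,sysadmin,admin-ws1.example.com,admin
backupadm,sysadmin,<Any>,admin
jdoe,users,<Any>,operator
oper1,ops,ops-ws2.example.com,operator
"""


def audit(text, powerful=POWERFUL_GROUPS):
    """Return (line_no, severity, reason) for each weak user specification."""
    findings = []
    # Line 1 is the header, so data rows start at line 2.
    for line_no, row in enumerate(csv.DictReader(io.StringIO(text)), start=2):
        host_is_any = row["host"].strip() == ANY
        is_powerful = row["arm_group"].strip() in powerful
        if host_is_any and is_powerful:
            # The only strong part of the entry is missing on a powerful account.
            findings.append((line_no, "high",
                             "powerful rights not bound to a specific client"))
        elif host_is_any:
            # Access is restricted only by the user and group parts,
            # which cannot be verified reliably.
            findings.append((line_no, "medium",
                             "host is <Any>; only user/group parts restrict access"))
    return findings


if __name__ == "__main__":
    for line_no, severity, reason in audit(SAMPLE):
        print(f"line {line_no}: [{severity}] {reason}")
```
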
Cell Manager security
Cell Manager security is important because the Cell Manager has access to all clients
and all data in the cell.
Security of the Cell Manager can be enhanced via the strict hostname checking
functionality. However, it is important that the Cell Manager is also secured as a
client and that Application Recovery Manager users are configured carefully. Refer
to Strict hostname checking on page 106 and Securing clients on page 101.
Other security aspects
There are also some other security-related aspects you should consider:
Users should not have access to any of the trusted clients (Cell Manager,
Installation Servers). Even granting anonymous log on or ftp access could
introduce a serious risk to overall security.