A.05.70 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2011, 5900-1735)
NOTE: For further details, refer to the
HP Insight Remote Support Advanced Central Management Server
Configuration Guide
available at http://www.hp.com/go/insightremoteadvanced-docs.
NOTE: For a complete description of system requirements, see the
A.05.70 Insight Remote Support
Advanced Release Notes
available at http://www.hp.com/go/insightremoteadvanced-docs.
2.7 Remote Support Software Manager (RSSWM)
2.7.1 Installation and Setup
The HP Remote Support Software Manager (RSSWM) is bundled with Insight Remote Support Advanced
installation kit. RSSWM facilitates the download and installation of Insight Remote Support Advanced
components. During installation, RSSWM application folders and three local SYSTEM services will be created
on the Central Management Server (CMS). The customer is asked to provide a company name and optional
contact information to initiate registration with HP.
HP recommends using RSSWM to manage Insight Remote Support Advanced software. However, HP also
recognizes that HP managed software updates may not fit all change management models. The
Install-Then-Manage (ITM) option allows applications and their updates to be manually installed at the
discretion of the system administrator, either by directly accessing HP’s Software Depot at https://
h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=RSADVANCED from the
CMS, or by downloading software onto another system and transferring to the CMS via physical media
such as CD, DVD, or USB flash and updating from a local depot.
2.7.2 Data Collection and Storage
The RSSWM agent periodically collects, stores, and transports CMS software inventory and system data to
HP using SSL or TLS over HTTPS. Note that this is done only for the CMS itself – the RSSWM agent does not
collect or transport data associated with any supported devices. A copy of the information sent to HP is
stored in the RSSWM agent folders located at:
<SWM Install Location>\Lib\RADSETUP\
<SWM Install Location>\Lib\RSSWM\RSPS\SWMAUDIT\
2.7.3 Installation Package Security
Software applications downloaded from HP are stored in the Installers directory, typically located at: <SWM
Install Location>\Installers\. MD5 checksums are used to verify that the installation files have
not been modified since they were packaged at HP.
During installation of HP SIM, a SIM administrator user is configured. The RSSWM agent sets up the HP
RSSWM-SIM Context Service during agent installation. This service facilitates an installer digitally signed
by HP to run in the context of the HP SIM administrator thus enabling the installer to run integration commands
with HP SIM. Not all packages deployed through RSSWM require HP SIM integration.
2.7.4 User Interface
The RSSWM interface is only available to users logged into the CMS. In addition to a direct console session,
the user can employ Microsoft Remote Desktop Client, mstsc.exe, to access the RSSWM interface. The
user must specify the connect-to-console option, specified by the option '/admin', from the command line.
The RSSWM User Interface allows the administrator user to specify the software update policy, schedule
update installation windows and configure software packages and installation depots on the CMS.
2.7.5 HP Transport Security
The RSSWM agent uses server-side authentication to ensure that it is connecting to a valid HP RSSWM
server. Upon installation, the RSSWM agent generates an install ID which is stored in the system registry (
HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\RSSWM\GUID) and used during subsequent
RSSWM connections to uniquely identify itself. All communications and application downloads are done
over HTTPS (TCP port 443) connections. HP RSSWM uses a HP CA signed X.509 digital certificate for
2.7 Remote Support Software Manager (RSSWM) 23