A.05.70 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2011, 5900-1735)
2.13.1 SSL
2.13.2 Cookies
2.13.3 Passwords
2.13.4 Operating System dependencies
2.13.5 Data Collection Scripts
2.13.6 Background Processes and Daemons
2.13.7 Security Auditing
2.13.8 Command-line Interface
3 Remote Device Access (RDA)
3.1 Executive Overview
3.2 Service Description
3.3 Service Value
3.3.1 Authentication
3.3.2 Access Control Overview
3.3.3 Secure Communications
3.4 Unattended RDA Using SSH
3.4.1 Customer Access System (CAS)
3.4.1.1 Customer-owned CAS
3.4.1.2 Virtual CAS
3.5 HP Instant Customer Access Server (iCAS)
3.6 Access Control Details
3.6.1 Access control on the HP side
3.6.2 Access control on the customer side
3.7 Connectivity Method: SSH-Direct – Secure Shell over Internet
3.8 Connectivity Methods for VPN Solutions
3.8.1 hpVPN
3.8.2 Customer-Owned Router (COR) VPN
3.9 Connectivity Method for Integrated Service Digital Network (ISDN)
3.10 Attended RDA via Virtual Support Room
3.11 Data Privacy
3.12 Remote Device Access Security Details
3.12.1 Outbound Security
3.12.2 Inbound Security
3.12.3 Secured Communication
3.12.4 Unsecured Communications
3.12.5 Security Auditing
A X.509 Certificates and Insight Remote Support Advanced
A.1 Overview
A.2 Certificate Revocation Lists
A.3 Digital Signature Verification in the Remote Support Client
A.3.1 Signature Checking
A.4 CRL Checking
A.5 Self-Signed Certificates
B Summary of Network Ports for Standard Operating System Connectivity
B.1 Standard Operating System Network Ports
C Summary of Network Ports for Servers
C.1 Central Management Server (CMS)
C.2 HP-UX Managed Systems
C.3 Integrity Linux Managed Systems
C.4 Integrity Windows Server 2003 Managed Systems
C.5 Integrity Windows Server 2008 Managed Systems
C.6 Multivendor and Application Adapter (MVAA)