7.0.8 Insight Remote Support Security White Paper
13
Insight Remote Support
HP Insight Remote Support version 7.0.8 stores information is specific locations on the Hosting Device. Permissions on
these directories are set to deny access to all users except Hosting Device System Administrators and the Windows
System account. The Installer can change the default locations for these directories during installation. The standard
(default) locations for Insight Remote Support are as follows:
Data %SystemDrive%\ProgramData\HP\RS\DATA
Log Files %SystemDrive%\ProgramData\HP\RS\LOG
Configuration Files %SystemDrive%\ProgramData\HP\RS\CONFIG
Executable Files (32-bit) %SystemDrive%\Program Files\HP\RS
Executable Files (64-bit) %SystemDrive%\Program Files (X86)\HP\RS
Event Management
Insight Remote Support relies on the onboard diagnostic monitors to detect hardware events on monitored devices.
When events are detected, notification is sent to the Hosting Device (and any other monitoring host) via one of the
management protocols listed in Table 1 above. The management protocol used is determined by platform and policy.
Insight Remote Support supports platforms (refer to the Monitored Devices Configuration Guide to determine the
supported protocol for your device).
When the Hosting Device receives an event from the managed device, the Insight Remote Support software on the
Hosting Device will screen the event to determine whether or not the event may require action by HP to address. If the
analysis determines that action by HP may be necessary, the event will be packaged with the contact information for the
affected device stored in Insight Remote Support and sent to HP via HTTPS (TCP/443). Event details are typically stored
locally on the Hosting Device for 24 to 36 hours after analysis and can be viewed at the following (default) location:
Event Data
%SystemDrive%\ProgramData\HP\RS\DATA\ANALYSIS\attachments\{filename}.xml
Data Collections
Insight Remote Support collects configuration information about devices in your environment. This data is used to aid in
restoring your device to production status. Depending on your support agreement with HP, it can also be analyzed and
compared with information in HP’s knowledge database to provide recommendations to improve performance, or to
avoid potential unwanted downtime. Data is collected using management agents (like WBEM) to query the device and
report data back to the Hosting Device. This information is packaged by the Hosting Device and sent to HP via HTTPS
(TCP/443). Data collections are compressed and stored locally on the Hosting Device for varying lengths of time
depending on the collection type and schedule. Stored collections can be viewed at the following (default) location:
Collection Data:
%SystemDrive%\ProgramData\HP\RS\DATA\collection\results\[Collection_ID]\[SubcollectionID]\[filename].zip
The default collection retention policies for on demand (RunNow) and scheduled collections are shown in Table 3, the
Number Retained value indicates the maximum number of most recent collections that will be stored locally on the
Hosting Device.
Collection Name
Default Collection
Schedule
Number Retained for
'RunNow' Collections
Number Retained for
'Scheduled' Collections
ActiveHealthServiceCollection
Weekly
1
2
PrinterBasicCollection
Weekly
2
3
MetricsCollection
Weekly
7
4
NetworkConfigurationCollection
Weekly
2
3
P4000FamilyConfigurationCollection
Daily
2
5
PerformanceDataCollection
RunNow Only
2
N/A
SANConfigurationCollection
Weekly
2
3