Insight Remote Support 7.0.9 Security White Paper

HTTP
The Hypertext Transfer Protocol (HTTP) is an application-layer protocol used for exchanging data. HTTP is
described in RFC 2616. Its most popular usage is for transferring text, graphic images, sound, video, and other
multimedia files to Web browsers. HTTP capabilities are also general enough for non-web applications. HTTP
communications are unencrypted. HTTP typically uses Transmission Control Protocol (TCP) port 80. HTTP is used
by Insight Remote Support to discover monitored devices and communicate with older network devices that do
not support encrypted communications.
HTTPS
HTTPS is HTTP with Secure Sockets Layer (SSL) or Transport Layer Security (TLS) encryption for security. All
communications between the Hosting Device and the HP Remote Support Data Center are carried out over
HTTPS. HTTPS is also used for the marshalling and transfer of collected device data between the Hosting Device
and the monitored systems. HTTPS typically uses TCP port 443, but other services, like Remote Insight Board
Command Language (RIBCL) and Web-Based Enterprise Management (WBEM), may specify a different port
number for HTTPS communications. HTTPS is described in RFC 2818.
IPSec
IP Security, or IPSec, is a suite of protocols for securing IP communications. IPSec operates in two modes. In
transport mode it can be configured to provide end-to-end security of all communications between two systems.
In tunnel mode, IPSec can be used to provide Virtual Private Network (VPN) connectivity over insecure networks.
A typical IPSec deployment uses two protocols: Internet Security Association and Key Management Protocol
(ISAKMP) and either Encapsulating Security Payload (ESP) or Authentication Header (AH), both of which are IP
protocols. AH is seldom used as it does not provide encryption. IPSec is described in RFC 4301.
IKEv2
Internet Key Exchange version 2 performs mutual authentication between two parties and establishes an IKE
security association (SA) that includes shared secret information that can be used to efficiently establish SAs for
Encapsulating Security Payload (ESP) [see: RFC 4303] and/or Authentication Header (AH) [see: RFC 4302] and a
set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. In this document, the
term "suite" or "cryptographic suite" refers to a complete set of algorithms used to protect an SA (Security
Association). An initiator proposes one or more suites by listing supported algorithms that can be combined into
suites in a mix-and-match fashion. IKE can also negotiate use of IP Compression (IPComp) in connection with an
ESP and/or AH SA. IKEv2 is described in RFC 4306.
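The mix-and-match negotiation described above, shown as an added example (not taken from Insight Remote Support or HP code): a simplified responder-side selection that picks one algorithm of each type from the first proposal its local policy accepts. The policy, the sample proposals and the DH_GROUP_n labels are constructed for illustration.

```python
# Added example: simplified responder-side IKEv2 suite selection.
# Transform names follow the IANA IKEv2 registry; DH_GROUP_n is shorthand for
# Diffie-Hellman group n. Policy and proposals are constructed sample data.

TYPES = ("ENCR", "PRF", "INTEG", "DH")

# Local policy (assumption): acceptable transforms per type, most preferred first.
POLICY = {
    "ENCR": ["ENCR_AES_CBC"],
    "PRF": ["PRF_HMAC_SHA2_512", "PRF_HMAC_SHA2_256"],
    "INTEG": ["AUTH_HMAC_SHA2_512_256", "AUTH_HMAC_SHA2_256_128"],
    "DH": ["DH_GROUP_14"],
}

def select_suite(proposals, policy=POLICY):
    """Return (proposal_number, suite) for the first proposal that offers an
    acceptable transform of every type, or None (NO_PROPOSAL_CHOSEN)."""
    for number, offered in proposals:
        suite = {}
        for ttype in TYPES:
            # Pick by local preference among what the initiator listed.
            choice = next((a for a in policy[ttype] if a in offered.get(ttype, ())), None)
            if choice is None:
                break  # one unacceptable type rejects the whole proposal
            suite[ttype] = choice
        else:
            return number, suite
    return None

# Constructed initiator offers.
WEAK = (1, {"ENCR": ["ENCR_3DES"], "PRF": ["PRF_HMAC_SHA1"],
            "INTEG": ["AUTH_HMAC_SHA1_96"], "DH": ["DH_GROUP_2"]})
MIXED = (2, {"ENCR": ["ENCR_3DES", "ENCR_AES_CBC"],
             "PRF": ["PRF_HMAC_SHA1", "PRF_HMAC_SHA2_256"],
             "INTEG": ["AUTH_HMAC_SHA1_96", "AUTH_HMAC_SHA2_256_128"],
             "DH": ["DH_GROUP_2", "DH_GROUP_14"]})
STRONG_BUT_WEAK_DH = (3, {"ENCR": ["ENCR_AES_CBC"], "PRF": ["PRF_HMAC_SHA2_256"],
                          "INTEG": ["AUTH_HMAC_SHA2_256_128"], "DH": ["DH_GROUP_2"]})

if __name__ == "__main__":
    print(select_suite([WEAK, MIXED]))
    print(select_suite([WEAK]))
    print(select_suite([STRONG_BUT_WEAK_DH]))
```

Because the policy lists only the algorithms the responder is willing to use, an offer that is acceptable in three types but weak in the fourth is rejected as a whole.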
OCSP
The Online Certificate Status Protocol (OCSP) [RFC2560] defines a protocol for obtaining certificate status
information from an online service. An OCSP responder may or may not be issued an OCSP responder certificate
by the certification authority (CA) that issued the certificate whose status is being queried. An OCSP responder
may provide pre-signed OCSP responses or may sign responses when queried. OCSP is described in RFC 6277.
P4000 SAN
The P4000 Storage Area Network (SAN) Solution (SAN/iQ) protocol is the command line interface that is used to
interface with the P4000 Storage Systems from the Hosting Device. The P4000 Command Line Interface (CLI) is
installed with Insight Remote Support.
Note: The P4000 SAN Solution is sometimes referred to as CLiQ (or cliq), which is the name of the command used
within the P4000 SAN Solution.
P6000 CV
P6000 Command View (CV) is the storage management software used to monitor HP Enterprise Virtual Array
(EVA) devices. Insight Remote Support uses ELMC to monitor the array controllers for new log entries and
communicates this information back to the Hosting Device. The Hosting Device communicates with P6000 CV
over TCP port 2372 to query the software for configuration and event details.
RIBCL
Remote Insight Board Command Language is an Extensible Markup Language (XML) based command language
for managing HP ProLiant Servers (series 300 and higher) via the Integrated Lights Out (iLO) interface. Insight RS
uses RIBCL to communicate with the server onboard administrator (OA) to gather configuration information and
event details for monitored devices. RIBCL communicates using HTTPS (TCP port 443).
SNMPv1