Manualshelf

HP Rack and Power Manager User Guide

ManualsBrandsHP ManualsSoftwareHP Rack and Power Manager Software
171172173174175176177178179180
E
HP Rack and Power Manager Security Considerations
HP Rack and Power Manager implements strict security for two important reasons:
HP Rack and Power Manager has managed devices that have the potential to perform
operations that are sensitive and destructive.
The application has browser accessibility.
To better ensure the security of HP Rack and Power Manager and the devices it manages, the
following topics should be considered in accordance with your organization’s security
policies and the environment in which HP Rack and Power Manager will operate.
Access to HP Rack and Power Manager requires an account in HP Rack and Power Manager.
Logging in requires the use of a user name and password, which should be kept properly
secured.
Each account in HP Rack and Power Manager can be given different access levels, providing
different capabilities. Ensure that the appropriate access level is granted to users of HP Rack
and Power Manager.
Browsing to HP Rack and Power Manager is done using SSL, which encrypts the data
between the browser and Management Server. The level of encryption supported by HP Rack
and Power Manager is 128-bit. SSL also provides authentication of the Management Server
by means of its digital certificate. Securely importing this certificate must be done to ensure
the identification of the Management Server.
HP Rack and Power Manager communicates with a CMC device, using the SNMP protocol.
SNMP secures requests for data by means of a community string. The community string is
configurable at the managed device and from within HP Rack and Power Manager, since both
parties must know the community string. Default community strings such as
public are
easily guessed and should be avoided.
NOTE: CMC community strings must be changed both at the device using a HyperTerminal connection
and from within HP Rack and Power Manager on the CMC Properties screen.
NOTE: Community string names are case-sensitive.
HP Rack and Power Manager uses a database as its primary storage facility. Access to the
database is controlled using a user name and password, which should be configured and kept
secure.
HP Rack and Power Manager User Guide E-1
HP CONFIDENTIAL Codename: Swordfish Part Number: 311371-002 Last Saved On: 2/3/04 3:21 PM