HP Systems Insight Manager 5.3 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for HP-UX

401

402

403

404

405

406

407

408

409

410

ProtocolPortDescription

SNMPUDP 161SNMP Agent

HTTPTCP 2301HP SMH Web Server*

HTTPSTCP 2381HP SMH Secure Web Server*

HTTPSTCP 5989WBEM/WMI Mapper Secure Port+

The following outbound ports must be open to allow communication between a managed system and the

CMS. Not all firewalls on managed systems block outbound requests.

ProtocolPortDescription

SNMPUDP 162SNMP Trap

HTTPSTCP 50004WBEM/WMI Mapper Secure Port+

* If the system is not being managed from HP SIM, only ports 2301 and 2381 must be configured to enable

browser access to HP SMH.

** Usage is configurable in HP SIM, and ICMP echo is used by default.

+ Only open port 5989 and 50004 on a Windows system if the WMI mapper is installed.

++ Only open port 22 if OpenSSH is installed.

For more information, see the

Understanding HP SIM 5.3 security

white paper at http://

h18013.www1.hp.com/products/servers/management/hpsim/infolibrary.html.

Configuring the firewall

Configuring the firewall on a Windows system

1. Select Start→Settings Control Panel.

2. Double-click Windows Firewall to configure the firewall settings.

3. Select Exceptions.

4. Click Add Port and add the ports from the inbound table above.

a. In the Name field, enter the protocol.

b. In the Port number field, enter the port number.

c. Click OK to save your settings and close the Add a Port dialog box.

5. Enable file and print sharing.

a. Select File and Print sharing.

b. Click OK.

6. Click OK to save your settings and close the Windows Firewall dialog box.

7. Enable Remote Administration Exception:

a. In the Control Panel, open the Group Policy editor.

b. Select Computer Configuration→Administrative Templates→Network→Network

Connections→Windows Firewall→Domain Profile→Enable the Windows Firewall: Allow

Remote Administration Exception.

Configuring the firewall on an HP-UX system

The HP-UX IPFilter firewall is included with HP-UX 11iv2 and might need to be installed on earlier versions

of HP-UX. To configure the firewall, a firewall rule-set must be added to the /etc/ipt/ipf/ipf.conf

file and the openings for the ports in the table above must be added. For details on the file format, see the

ipf(5) manpage. For instructions on enabling the firewall, see the ipf(8) manpage.

Alternatively, you can use HP-UX Bastille can be used to create and enable the firewall configuration. Add

the ipf-formatted firewall port-openings from the table above to the

/etc/opt/sec_mgmt/bastille/ipf.customrules file and use the HP-UX Bastille wizard. For more

information, see the bastille(1) manpage.

402 Tools that extend management