Manualshelf

HPjmeter 4.3 User's Guide

ManualsBrandsHP ManualsSoftwareHPjmeter Software for HP-UX
31323334353637383940
$ -agentlib:jmeter=noalloc,appserver_port=7001,public,include=weblogic:com.bea
$ -agentlib:jmeter=nohotspots,owner_private,verbose:file=bcifilters.txt
$ -agentlib:jmeter=version
$ -agentlib:jmeter
Security Awareness
Securing Communication Between the HPjmeter Node Agent and the Console
IMPORTANT: The data stream between the HPjmeter console and agents is not protected from
tampering by a network attacker. You can help ensure that the data you view in HPjmeter visualizers
is an accurate reflection of your application's operation and that data confidentiality is protected
where needed.
Ensuring the Integrity of HPjmeter Console/Node Agent Data Transfer
For key applications in production, you may want increase your confidence that the data has not
been tampered with en route between the agents and console before you take action based on
HPjmeter metrics. Where you deem it necessary, confirm that the HPjmeter data looks reasonable
according to the usual behavior of your application. You can also pursue using secure socket layer
(SSL) tunneling to protect the integrity of data packets and to enhance the reliability of the data
reaching the HPjmeter console.
Want to Know More About Secure Socket Layer Tunneling?:
HP-UX IPSec and HP-UX Secure Shell are two HP products that provide secure socket layer tunneling.
To learn more:
HP-UX IPSec technical documentation (www.hp.com/go/hpux-security-docs)
HP-UX Secure Shell overview and download
(http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA)
HP-UX Secure Shell technical documentation (http://www.hp.com/go/hpux-security-docs)
See also Connecting to the HPjmeter Node Agent (page 222).
Protecting Data Confidentiality During HPjmeter Console/Node Agent Communication
Data sent to the console is not encrypted by HPjmeter. If you are concerned about confidentiality
of this data, you can protect confidentiality by using SSL tunneling to encrypt the header and data
portion of each packet during transfer.
Working with Firewalls
NOTE: The console first attempts to use a port between 9505 and 9515 when arranging a port
for its server socket. If it is unable to successfully use a port from this range, it will use an ephemeral
port number.
The node agent has an open socket. Any HPjmeter console on any machine on the network (that
is not blocked by a firewall) can communicate with this node agent. If you want to have a console
contact a node agent through a firewall, you must provide a tunneling port so that the console can
contact the node agent.
IMPORTANT: If you choose to open a port through a firewall to enable communication between
a node agent and a console, secure the tunneling port using HP-UX Secure Shell or HP-UX IPSec.
Configuring User Access
The node agent must be started by either the same user or group as the running JVM (recommended)
or root to establish contact.
32 Completing Installation of HPjmeter