Managing HP Servers through Firewalls with Insight Management 7.0

Figure 4 WMI Mapper on managed Windows system behind firewall

The WMI Mapper is included with the Windows version of HP SIM but can also be used with other

versions. It is available with the HP SIM software or from the HP website at

http://www.hp.com/go/hpsim. The mapper can be installed on a Windows system to allow WBEM

access to that system.

If the mapper is to be used as a proxy to access other systems, as shown in the previous DMZ

example, then HP SIM must be configured to recognize the mapper as a proxy: Use the Options 

Security  WMI Proxy Settings menu item and add the system on which the mapper is installed.

WS-MAN

WS-Management is a public standard SOAP-based protocol for sharing management data among all

operating systems, computers, and devices. WS-MAN depends upon SOAP. As of this writing, it is

used to manage iLO2 and HPOA.

SSH

Secure Shell (SSH) allows logging in to another system over a network and executing commands on

that system. It also enables administrators to move files from one system to another in an encrypted

format. It provides authentication and secure communications over insecure channels, and uses TCP

port 22 to communicate.

Fault management

The HP Agents have two means for communicating faults: SNMP traps and SMTP e-mail (Table 2).

Both originate from the agents in the DMZ to the CMS or to the SMTP mail server. The HP Insight

Management WBEM providers can communicate faults using WMI indications. It is recommended

that the WMI Mapper be installed on the managed system so that these faults can be sent using

WBEM (CIM-XML/HTTP) through the firewall.

Table 2 How HP agents communicate faults

CMS

Managed

System

Port

Protocol

Description