Managing HP servers through firewalls with Insight Management 7.2
White paper | HP Insight Management 7.2
9 | March 2013
Case 1: Management protocols banned from the DMZ
In some computing environments, IT security policies restrict management protocols in the secure
environment. Security policies may or may not permit other protocols (such as email or file
sharing) in the DMZ. An acceptable management solution must conform to security restrictions of
the environment.
Even if active management is not possible, some management information can flow from
managed devices in such an environment. Either SNMP or WBEM/WMI can be used to manage
ProLiant servers. These protocols can be configured to prevent access from off the platform. For
information about configuring SNMP or WBEM, see the documentation for your operating system.
Asset management
In this type of computing environment, administrators can collect system asset information from
a ProLiant server in the DMZ as long as the Agents or WBEM providers are running and an
application is running that can get the data locally. For example, Microsoft Systems Management
Server can get asset information from the Agents and transfer that information to its central
server through the operating system file share. As a second option, you can browse to the
web-based System Management Homepage (https://<servername>:2381/) and manually
view the asset information.
Fault management
Administrators can configure ProLiant servers to send an email (through SMTP) when a hardware
problem occurs. In Microsoft Windows operating systems, the Agent Event Notifier provides this
optional feature. You can set up and configure the Agent Event Notifier during the agent
deployment. In Linux operating systems, if a hardware problem occurs, emails are automatically
sent to the root email on the managed system.
The Insight Agents for Microsoft Windows also create Windows Event Log entries. A management
tool such as HP Network Management Center or Microsoft Operations Manager operating in the
same environment can then collect the log entries and send them back to a centralized server.
The Insight Agents for Linux also create entries in the syslog. Administrators can write a script to
look for these entries and take appropriate action.
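
One way to write such a script, as an added example that is not part of the white paper or HP's tooling: it reads only the syslog lines appended since the previous run, copes with log rotation, and hands new agent entries to an action command. The function names, the program tags in AGENT_TAGS, the file paths and the traditional "Mon DD HH:MM:SS host prog[pid]: msg" line layout are assumptions.

```shell
#!/bin/sh
# Added example: scan syslog incrementally for Insight Agent entries.
# ASSUMPTION: agent lines carry one of these program tags; confirm the names
# in your own syslog (they are not taken from the white paper).
AGENT_TAGS="${AGENT_TAGS:-cmaeventd|hpasmlited}"

# scan_agent_syslog LOGFILE STATEFILE
# Prints agent lines added since the last run. STATEFILE holds the byte offset.
scan_agent_syslog() {
    log=$1
    state=$2
    if [ ! -r "$log" ]; then return 2; fi
    size=$(wc -c < "$log" | tr -d ' ')
    last=0
    if [ -f "$state" ]; then last=$(cat "$state"); fi
    case $last in ''|*[!0-9]*) last=0 ;; esac    # unreadable state: rescan
    # Rotation or truncation leaves the file shorter than the saved offset.
    if [ "$size" -lt "$last" ]; then last=0; fi
    # Read exactly the bytes between the two offsets, then match the program
    # field (5th field of "Mon DD HH:MM:SS host prog[pid]: msg") so that a
    # message that merely mentions an agent name is not reported.
    tail -c "+$((last + 1))" "$log" | head -c "$((size - last))" |
        awk -v tags="$AGENT_TAGS" '
            BEGIN { re = "^(" tags ")([[][0-9]+[]])?:$" }
            $5 ~ re'
    echo "$size" > "$state"
}

# run_check LOGFILE STATEFILE ACTION [ARGS...]
# Feeds new agent entries to ACTION on stdin; ACTION is not run when there are none.
run_check() {
    log=$1
    state=$2
    shift 2
    new=$(scan_agent_syslog "$log" "$state") || return
    if [ -z "$new" ]; then return 0; fi
    printf '%s\n' "$new" | "$@"
}

# Typical cron use (paths are assumptions):
#   run_check /var/log/messages /var/lib/agent-scan.offset mail -s "HP agent event" root
```

Because the action receives the entries on standard input, the same script can mail them over SMTP or write them to a file that a permitted file share collects, whichever the DMZ policy allows.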
Deployment and migration
With HP Insight Control installed, hardware deployment, migration, and management can be
difficult administrative tasks. Because the management protocols are banned inside the secure
area (DMZ), you need to disable them or allow them within the intranet, which HP does not recommend.
Integration
Create templates with detailed requirements (server, storage, networks) for simple or complex
infrastructure needs using visual drag-and-drop design tools. Users select from a catalog of
published infrastructure templates in the self-service portal, which routes the requests through a
configurable approval process. The network resource has to be available to the administrator, and
protocols have to work normally to establish communication. Security is a primary concern here,
because integrating requires loosening the firewall rules.