4 security, General security topics, Securing gwlm communications – HP Matrix Operating Environment Software User Manual

Page 31: Securing database communications, Securing postgres communications, Securing oracle communications

Advertising
background image

4 Security

This chapter highlights several security items you should be aware of.

General security topics

The following items are a few general topics on security:

HP provides the HP-UX Bastille product, available from

http://software.hp.com

at no charge,

for enhancing system security.

You can secure gWLM’s communications as explained in the following section.

System Insight Manager allows you to create user roles with different levels of privileges. For
more information, see the System Insight Manager documentation.

For information on authorizations needed to run the HP Matrix Operating Environment, see
the HP Matrix Operating Environment Getting Started Guide or the online help topic
“Authorizations and Read-only Monitoring.”

Securing gWLM communications

By default, gWLM’s communications are not secure, meaning:

The communications between the CMS and the managed nodes are not encrypted

The source and destination of gWLM’s communications are not authenticated

When securing communications, you must do so for every managed node in every SRD managed
by a given CMS.

To secure gWLM’s communications, assuming OpenSSH is installed and configured for System
Insight Manager on each of the managed nodes, select from the System Insight Manager menu
bar:

Configure

→Matrix OE Agents→Secure gWLM Communications…

For more information, see the online help topic “Securing gWLM Communications.”

Alternatively, you can secure communications manually by following the steps outlined in
gwlmsslconfig(1M).

NOTE:

HP strongly recommends always using gWLM with its communications secured.

Securing database communications

The following sections explain how to secure communications for the databases supported with
gWLM.

Securing Postgres communications

No steps are needed to secure Postgres communications.

Securing Oracle communications

Oracle communications are not secure by default in the HP-UX environment. To secure
communications:

NOTE:

This procedures affects gWLM, HP Capacity Advisor, and HP Matrix OE visualization

as they all communicate with the Oracle database in the same manner.

1.

Open /etc/opt/gwlm/conf/gwlmcms.properties in a text editor.

2.

Set the property com.hp.gwlm.jdbc.oracle.secure to 'on'.

General security topics

31

Advertising
Popular Brands
Popular manuals