How it all works, Policies – HP 3PAR Policy Manager Software User Manual

Figure 1 HP 3PAR Policy Manager Configured to Mange Custodian Policies

How It All Works

The Secure Service Collector Server communicates with the Secure Service Custodian by posting
requests for the Custodian and receiving its responses. These can be requests to perform actions,
including uploading files, running applications, restarting, executing packages, setting data values
on the Custodians, and so forth. These requests are discovered by the Custodian Custodians upon
subsequent pings. If a Custodian is managed by the Policy Manager, the Custodian will first
reference its policy to determine whether or not it can perform the action.

Each Custodian is also configured with its own actions. These actions may be configured to execute
based on an internal schedule set in the Custodian, or based on triggering events. If Policy Manager
is in use, some of the Custodian’s own actions will be defined in the related policy.

Policies

When a Custodian connected to and managed by Policy Manager is presented with a request to
perform an action, it first refers to its policy, as defined by the Policy Manager. A policy is comprised
of a list of actions a Custodian can perform and permissions and rights to perform each action. A
Custodian’s policy determines how the Custodian will handle an action request and, based on the
defined policy, the Custodian will do one of three things:

•

Accept and perform the action.

•

Deny the action.

•

Ask the Policy Manager for permission to perform the action.

The Custodian enforces the policy as set in the Policy Manager and reports its policy-related
activities to the Policy Manager and the Collector Server for auditing reasons.

If a Custodian requests permission to perform an action, per its policy, the Policy Manager sends
an email notification to specified Policy Manager user(s). Based on the email information, the

How It All Works

7