The System Management Setup Wizard enables you to set some of the security options used by all of the HP Web-Based System Management agents on the device. These options include setting account passwords and configuring the trust mode for Insight Manager 7 servers. This wizard will initiate when an HP Web-Based System Management product is installed in interactive mode if there are no existing security settings.
Once the wizard initiates, the following will occur:
The welcome dialog box displays.
Click Next. The Login Accounts dialog box displays.
The Management HTTP Server has three accounts with different access levels. These are the only accounts the Management HTTP Server supports. If you are logging in to a Management HTTP Server from Insight Manager 7 using Single Login, you will be logged into Management HTTP Server with the HTTP server account that matches the Insight Manager 7 account setting for Automatic Device Authentication. The Login Accounts dialog box enables you to set the Administrator, Operator and User passwords.
In the Administrator Password field, enter the account password.
In the Confirm field, re-enter the account password exactly the same as you entered it in the Administrator Password field.
The Login Accounts dialog box requires that the Administrator password be set. The Operator and User passwords are not required.
Click Next. The Trust Mode dialog box displays.
The Trust Mode dialog box allows you to select the level of security you wish to provide. The Trust By Certificates option is the default selection on the Trust Mode dialog box since it provides the most security.
If you select Trust By Certificates, click Next. The Trusted Certificates dialog box displays.
The Trust By Certificates option will require the submitted server to provide authentication by means of certificates. This mode is the strongest method of security, since it requires certificate data and verifies the digital signature before allowing access.
Click Add File. A dialog box displays.
Enter the name of the file you wish to add. Click OK. The dialog box closes, and the file name you entered displays in the Trusted Certificates List.
Click Finish. The installation is complete.
For more information regarding exporting a certificate from Insight Manager 7, refer to the Technical Reference Guide; Chapter 12, "Settings for Security", Exporting the Insight Manager 7 Server Certificate.
Delete allows you to remove any of the trusted certificates that are displayed. To delete a certificate file, select the certificate file you want to delete and click the Delete.
If you select Trust All, click Finish. The installation is complete.
The Trust Mode dialog box displays a Finish if you select Trust All. The Trust Mode dialog box displays Next if you select Trust By Certificates or Trust By Name .
The Trust All option leaves your system vulnerable to security attacks. The Trust All option will setup the HTTP Server to accept certain requests from any server. An example of why you may want to use Trust All would be if you have a secure network, and everyone in the network is trusted.
If you select Trust By Name, click Next. The Trusted Insight Manager 7 Servers dialog box displays.
Although Trust By Name mode is a slightly stronger method of security than the Trust All mode, it still leaves your system vulnerable to security attacks. The Trust By Name mode will setup the Management HTTP Server to only accept certain requests from servers with the Insight Manager 7 names designated in the Trust By Name field: The Trust By Name option is easy to configure, and will prevent non-malicious access. An example of why you may want to use Trust By Name would be if you have a secure network but your network has two groups of administrators in two separate divisions, it would prevent one group from installing software to the wrong system. This option will not verify anything other than the Insight Manager 7 server name submitted.
Click Add Name to add the name of a device you want to trust. A dialog box displays asking you to enter the name of the device you want to trust.
Enter the name of the device you want to trust.
Click Finish.The installation is complete.
Delete allows you to remove any of the trusted certificate files that are displayed. To delete a certificate file, select the certificate file you want to delete and click Delete.
Related Topics