Table of Contents
Advertisement
SNMP Services
The SNMP Services enable the flow of basic management information between the managed server
and HP SIM. These components process SNMP Gets and Sets, as well as the SNMP Traps used in
alerting.
Microsoft SNMP Agent Service
The Microsoft SNMP Agent Service provides the core set of SNMP services used by the Insight
Management system on the managed server. The following services are included:
Fulfillment of SNMP Gets to deliver information from the HP MIB to authorized requesting services.
In the Insight architecture, MIB information is typically requested from the SIM server or from a
process associated with the SMH framework.
Processing of SNMP Sets, which are used to change SNMP configuration information as well as
alert thresholds for server management information.
The Microsoft SNMP Agent Service provides a standard SNMP interface to external processes.
However, its internal structure is very specific, using its own set of application program interfaces
(API's). The HP Insight Agents are specifically designed to work with the Microsoft SNMP Agent
Service and will not interoperate with other SNMP stacks.
Management Information Base
The Management Information Base defines all of the information collected about the managed system.
In the HP Insight Architecture, the four Insight Agents collect the MIB information and store it in an
extension to the Windows Registry. When MIB information is requested, the Microsoft SNMP Agent
Service uses the Insight Agents to retrieve information from the Windows Registry before delivering it
to the requesting process, typically the HP SIM server or the System Management Homepage.
Enhancing SNMP Security
The SNMP protocol provides basic security and access authorization through the use of community
strings. However, standard SNMP protocol does not encrypt the community strings or the
management information that it sends or receives. This leaves the information vulnerable to being
intercepted (snooped) over the network. The HP Insight Management framework provides a more
secure management environment by establishing a separate certificate-based SSL communication
channel between the SIM server and the managed server. This channel is actually a part of the SMH
framework, and it used by the Insight Management framework as the transport mechanism for all
secure information. Other, less sensitive information is still sent to the HP SIM server over standard
SNMP from the Microsoft SNMP Agent Service.
To further enhance security, at installation, the Insight Management Agents architecture configures the
Microsoft SNMP Agent Service to restrict SNMP writes to the local host only. This prevents any
external agent from being able to execute writes to the managed server. The HP SIM server is still
able to implement SNMP Sets since its commands are sent over the encrypted link and are actually
executed locally.
7
Advertisement
Table of Contents
