Chapter 20. SecurityOpenView Operations (OVO) offers server, user, and process security checks during communications between the management server and the managed nodes. Authentication checks include server and node names, user passwords, process transaction requests, and data exchanges over the network media. For example, the managed node verifies that a requesting management server is authorized to request information from the node prior to sending messages or allowing data distribution.Opportunities exist to make all levels of the OpenView communications model more secure if necessary. With OVO 8.0, the nodes that are located outside the firewall are now easily managed using the new built-in Internet secure agent. OVO also supports secure shell (as an add-on) for message forwarding, application transactions, and data exchanges over the network.The primary communications model (up to version 7.10) was RPC based. The RPC clients and servers exist on the OVO nodes and servers. These programs run as dedicated processes during normal operations and play an important role in the data exchange methodology. Non-RPC- based agent communication options such as secure hypertext transfer protocol (HTTPS)-based agents are also available for communications between the server and managed nodes.This chapter outlines the three primary OpenView communications models, including RPC, non-RPC, and HTTP at a high level along with relevant reference information on the standard network protocols used to implement the technology. Examples are used throughout the chapter as we cover the security aspects of the process, password, network, data, and user environments. Popular security enhancements are also discussed. Refer to Appendix C, "Resources," for information on security-related resources. |
لطفا منتظر باشید ...
