Information security – HP Matrix Operating Environment Software User Manual

Page 143

Table 2 Resources visible to service provider and organization administrators and users (continued)

Organization
user/group access

Organization
administrator
access

Service provider
user access

Service provider
administrator
controls

Origination

Resource

(physical servers,
VM Hosts, ESX

and the user is
assigned to the

by the service
provider
administrator

service provider
level and the user
is assigned to the

to one
organization

resource pools,

pool containing

and cloud
resources )

the resource by the
organization
administrator

the resource by
the service
provider
administrator

Allocate a
separate storage

Automatically
generated by

Storage pool
entries

tag to each

Matrix OE, or

organization.

created by service

Match logical disk

provider

tags with storage

administrator using

pool entry tags, or

Matrix OE logical

choose the

server

appropriate SPM

management,

storage template

optionally using

using tags in the
IO template

Storage
Provisioning
Manager

IO does not include or preclude active firewalling between VLANs.

Storage management for physical server blades can be performed only by the service provider administrator.

Information security

The following table shows the information that is visible to the service provider administrator, service
provider user, organization administrator, and organization user.

Service provider administrators and users see messages only related to that organization. To
prevent information from passing from one organization to another through storage, infrastructure
orchestration scrubs both the boot and data disks when a service is deleted.

Only the service provider administrator can log in to the infrastructure orchestration CMS to access
other technologies such as logical server management and Systems Insight Manager, and detailed
infrastructure orchestration logs.

Security in infrastructure orchestration multi-tenancy

143