beautypg.com

Security properties, Protocols and ports numbers, Credentials – HP Insight Control User Manual

Page 11: Use of management lan, Security properties for data center power control

background image

Other scenarios include the following:

Data center monitoring detects that an external power source has failed or is about to fail.
The data center continues to operate on a backup power source, but the load must be reduced
to make the best use of the limited capacity of the UPS.

Data center monitoring detects that a chiller has failed or is about to fail. The data center
continues to operate, but the load must be reduced so that the data center stays cool (and the
critical workloads stay up) as long as possible.

Data center management is asked by the local utility company to reduce data center power
usage by some proportion.

A failure in a primary data center triggers the need to bring up a standby data center.

The Data Center Power Control facility can be used to handle all of these scenarios and many
others.

The Data Center Power Control facility has two pages. The Data Center Power Control Rules page
is used to define rules, and the Data Center Power Control page is used to invoke the rules.

Security properties

Protocols and ports numbers

Insight Control power management uses the following ports or external interfaces to aid
administrators in deployment and proper operation of the power management features:

Default port number

Protocol

System/Device

443

SSL

HP ProLiant and Integrity iLO

443

SSL

HP c-Class Onboard Administrator

22

SSH

Servers

5989

WBEM HTTPS

Integrity servers

161

SNMP

PDR/PDU

50443

SSL

HP Intelligent PDU (iPDU)

Credentials

Login credentials are presented to all systems as configured within the Systems Insight Manager
Security and power management options. Note that the use of global credentials will cause all
credentials to be presented to systems during discovery. Untrusted or compromised systems may
then observe the incoming credentials and use them for attacks on other systems. Therefore, HP
recommends that only system-specific sign-in credentials be utilized to limit potential disclosure of
login credentials.

Use of management LAN

HP recommends that all communications between the Systems Insight Manager CMS and the
management processors be transmitted over a secure LAN that is isolated from the remainder of
your network. This ensures that SNMP data collection (which is inherently insecure) cannot be
observed or monitored by other entities, and it reduces the potential for external attacks on
management processors by untrusted or compromised systems.

Security properties for Data Center Power Control

To define and manage rules, you need to have access to the Data Center Power Control Rules
page. Access to this tool is controlled by standard Systems Insight Manager tool authorizations.
Alternatively, it is possible to define and manage rules if you have write access to the directory on

Security properties

11

This manual is related to the following products: