beautypg.com

5 managing virtual machines, Task: vmm security properties – HP Insight Control User Manual

Page 20

background image

5 Managing virtual machines

Task: Taking backup of virtual machine management database

You must perform a backup of the VMM database to recover the configuration files/data in case
the application crashes.

Take a backup of the following two registry entries:

Installation Key

HKEY_LOCAL_MACHINE\SOFTWARE\HP\Insight Control virtual machine management

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\HP\Insight Control virtual

machine management

Uninstallation Key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HP

Insight Control virtual machine management_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HP

Insight Control virtual machine management_is1

NOTE:

If the machine is 64 bit, these entries will be at 32–bit space and 64–bit space

Additionally, the VMM requires that you take a backup of these files:

[ProdDir]/log

[ProdDir]/bin/hpglobal.conf

[ProdDir]/bin/hpvmm.conf

[ProdDir]/clientapi/bin/hpvmm.conf

[HPSIM]/hpvmm.conf

[ProdDir]/bin/windows/hpvmmsvc.conf

[ProdDir]/bin/windows/hpvmmweb.conf

[ProdDir]/lib/vmtoolstrust.ks

[ProdDir]/../VMMTemplateLib

Here, ProdDir is the VMM Installation Directory and HP SIM is the HP SIM Installation Directory

Task: VMM security properties

The VMM runs with administrative permissions. Hence, it is important to ensure that the management
server is appropriately protected to avoid unauthorized access.

VMM supports the following ciphers for encrypted SSL connection:

1.

SSL_RSA_WITH_RC4_128_MD5

SSL_RSA_WITH_RC4_128_SHA

TLS_RSA_WITH_AES_128_CBC_SHA

2.

Insight Control virtual machine management uses Systems Insight Manager generated self-signed
certificates. In order to communicate with vCenter on HTTPS, you must enforce host/vCenter
certificate validation for performing any operation on the host. By default, VMM does not
enforce host certificate validation. To enforce the host/vCenter certificate, you must set the
"RequireCertificate" parameter to '1' in hpvmm.conf file, found in the following location:

/bin/hpvmm.conf

20

Managing virtual machines

See also other documents in the category HP Tools: