swaussie

Any peeps here familiar with this software?

We are looking to deploy it and have it run by the guys in our London offices. Due to legal requirements we cannot allow them the ability to remotely deploy BIOS, agents or drivers. Is this a feature that can be turned on and off by us??
Thanks for any help

Kieran_Burns

iTrader: (1)

You should be able to set their accounts up with read only access (both in SNMP) and in the web front end, so yes you can restrict them being able to remotely deploy updates.

Are you using it for monitoring purposes only?

swaussie

Thanks for the reply Kieran. The idea is to use it for "monitoring only" but I see it has the ability to remotely deploy BIOS and driver updates. This would certainly raise the eyebrows of our Auditors as being in breach of the rules. (swiss banking laws). We want London to monitor and set traps to email us if there is a problem but they should not be allowed to change anything on the servers themselves.

Kieran_Burns

iTrader: (1)

You'll be using SNMP to monitor / configure the Servers via Insight Manager.

You need to create at least two different security levels (we use the Read Only and Read/Create levels) each will have a complex password associated with it. You give the remote monitoring guys the Read Only password and keep the read/create ones yourself.

You should also configure SNMP to accept SNMP queries from specific IP's only.

If you're worried about remote version control - you will be the ones controlling the Version Control Repository Manager anyway (I hope) and you can also set up accounts in the System Management homepage that will restrict the remote guys to USER status only.

We use local host access to define what HP System Management can do.