Security considerations | HP J4370A, A6584A, A1354A, A1353A, A1356A

Security considerations

Security considerations overview

The management module implements strict security for two important reasons:

•The module manages devices that have the potential to perform operations that are sensitive and destructive.

•The management module has browser accessibility.

To better ensure the security of the management module and the devices it manages, consider the following topics in accordance with your organization's security policies and the environment in which the module will operate.

•Remote access to the management module requires a user account. Logging in requires the use of a user name and password, which should be kept properly secured.

•Each account can be given different access levels, providing different capabilities. Ensure that the appropriate access level is granted to users.

•Browsing to the management module can be done using SSL, which encrypts the data between the browser and management module. The module is supported by a 128-bit encryption level. SSL also provides authentication of the management module by means of its digital certificate. Securely importing this certificate must be done to ensure the identification of the management module.

•Use a custom SSL certificate that is certified by a third-party SSL authority.

•Use non-standard ports for the management module web interface.

•Disable telnet if remote configuration is not used.

•Disable the web interface if the web interface is not preferred.

Security considerations 110

Image 110

HP J4370A, A6584A, A1354A, A1353A, A1356A, J4373A, J4367A manual Security considerations overview

Contents

HP UPS Management Module User Guide Audience assumptions Contents HP UPS Management Module web interface Technical support Alert messages 104 Introduction FeaturesOverview HP UPS Power Protection Agent overview HP UPS Power Protection Agent requirements Typical hardware configurations Configuration a Configuration B Configuration C Configuration D Configuration E Configuration F Configuration G Web interface requirements Software Browser Component identification Front panel Required tools Installing the HP UPS Management ModuleInstalling the management module Installing the HP UPS Management Module Checking the Error LED Connecting the network cable Connecting the configuration cable Launching a terminal emulation program Configuring the management module for remote access Press any key in 5 seconds to enter Service menu Connecting devices Installing the HP UPS Management Module Press the Reset button on the management module front panel Installing the agent on Windows operating systems Installing the HP UPS Power Protection AgentInstallation overview Installing the agent using the GUI method Installing the HP UPS Power Protection Agent Installing the HP UPS Power Protection Agent Installing the HP UPS Power Protection Agent Installing the agent using the silent installation method Reconfiguring the agent on Windows operating systems DevManRA.ini Installing the agent on Linux operating systems Installing the agent using the installation script Installer launches a separate configuration program Installing the agent on Sles Log Installing the agent on an Itanium system Reconfiguring the agent on Linux operating systemsInstalling the agent on HP-UX operating systems SetupRA Installing the agent using the silent installation method Uninstalling components from Linux systems Reconfiguring the agent on HP-UX operating systemsUninstalling components from Windows systems Uninstalling components from HP-UX systems Installing the HP UPS Power Protection Agent HP UPS Management Module web interface overview Accessing the web interfaceHP UPS Management Module web interface Web browser Signing in to the web interface System tray icon Browser security alert Establishing a secure session for Internet Explorer Secure session for Mozilla or SeaMonkey Navigating the web interface Establishing a secure session for Firefox Home tab Overview menu Normal Critical HP UPS Management Module web interface Alarms menu Identification menu HP UPS Management Module web interface Parameters menu HP UPS Management Module web interface Manual Control menu Logs tab Event Log menu HP UPS Management Module web interface Application Log menu Setup tab My Account menu User Accounts menu Network menu Network Management menu System Information tab Trap Receivers tab Snmp Managers tab Remote Access tab Event Notifications menu Events tab Email Setup tab Attached Devices menu Snmp Traps tab UPS Controlling a load segment Add / Edit Attached Device screen HP UPS Management Module web interface Power Fail menu Advanced power fail settings Low Battery-Selected Low Battery-Deselected Shutdown Events menu Scheduled Shutdowns menu Help tab Add/Edit Scheduled Shutdowns screen About menu Contents menu Info & Updates menu Accessing the Service Menu HP UPS Management Module Service MenuHP UPS Management Module Service Menu overview Telnet session Navigating the menus Terminal emulation session UPS Monitor submenu Service MenuHP UPS Management Module Configuration Utility Power Protection submenu Network Configuration submenuBattery submenu Remote Console submenu Network Settings submenuWeb Access submenu Snmp submenu Emails submenu Snmp Traps submenu Date/Time Configuration submenu System Configuration submenuSession Settings submenu User Accounts submenu Network Time Protocol submenu Option number Submenu Description Attached device communication errors appear TroubleshootingAgent does not install on RH Itanium Attached device did not shut down gracefully Battery Test did not run Browser incorrectly displays English or Japanese characters Email notifications are not received from an HP-UX server Certificate errorError LED illuminates or flashes Event notification messages do not appear on console screen FTP error messages appear when connecting through LinuxFlash update fails over a serial connection Event notifications are not being sent Input frequency shows zero HPFlash does not install image.bin on a PentiumInstallShield error code -6001 appears during setup Invalid IP address Low battery warning is displayedManual Load Dumped alarm not working Links in traps and emails do not work correctly for Linux On battery alarm No powerNon-admin users cannot log in through telnet On boost alarm Receiving a security error Redundant UPS status Servers running Windows Server 2003 do not restart Sles 10 agent does not autostart after power fail or rebootSilent install did not execute successfully Task Bar menu does not clear Unable to edit devices using telnetUnable to locate the .INI files for a silent install Unable to discover a UPS Unable to start the HP UPS Power Protection Agent for Linux Unable to reboot the machineUnable to set event delays using telnet Utility alarm HP contact information Technical supportBefore you contact HP Federal Communications Commission notice Regulatory compliance noticesRegulatory compliance identification numbers Modifications Canadian notice Avis Canadien European Union regulatory notice Japanese notice Bsmi notice UPS alarms Alert messages Alarm text Description Nominal level Systems Insight Manager integration Systems Insight Manager overview Configuring HP SIM to receive traps Discovering the management module Configuring the management module to send traps to HP SIM Security considerations Security considerations overview Optional power monitoring using Snmp Snmp monitoring Updating the firmware Updating the firmware overview Redundant configuration Configuring the software for redundancy Redundant configuration Mass configuration Using the HP UPS Management Upgrade Utility Acronyms and abbreviations Https MII Index Linux, installing the agent Secure sessions, Internet Explorer