Operating System - HP-UX
1748019 Members
5057 Online
108757 Solutions
New Discussion юеВ

Re: Question from HP Labs about email vs. https

 
SOLVED
Go to solution
Brad Klein
Advisor

Question from HP Labs about email vs. https

Under programs like the Instant Capacity On Demand (iCOD) program, servers are currently required to "phone home" to HP. Today, this communication is done using encrypted email from the iCOD server at a customer's site, to HP.

We have found that in many production environments, e-mail communication back to HP is unsuccessful for a variety of reasons (security policy, network connectivity, e-mail restrictions, e-mail infrastructure, etc). As a result, we are investigating other alternatives. One alternative under consideration is secure http (HTTPS). Customer feedback related to the pros/cons of e-mail vs HTTPS as a way of "phoning home" is of great interest to us.

Are there currently any restrictions with respect to e-mail from your production servers to HP? What are they?
- e-mail or network connectivity?
- e-mail related policies (i.e. no
root e-mail, etc)?
- privacy related to transmitted data
in the e-mail?
- disclosure of domain information in
mail headers?
- firewall configuration?
- other?

Would the HTTPS transport, if communication was initiated from the production server, do anything to ease any of these concerns? Which ones? Why or why not?

Does it raise new concerns? What are they?

What restrictions, if any, are there in your environment related to HTTPS communication from your production servers to HP?
- network connectivity?
- HTTP proxy existance/
non-existance/configuration?
- data privacy (even with secure
HTTP?)?
- firewall configuration?
- other?

Any other real world insight into pros and cons of e-mail and HTTPS transports as a method of communication from a production system to HP is greatly appreciated as we design and develop our future products.
20 REPLIES 20
Mark Greene_1
Honored Contributor
Solution

Re: Question from HP Labs about email vs. https

>>Would the HTTPS transport, if communication was initiated from the production server, do anything to ease any of these concerns? Which ones? Why or why not? <<

If this required an http server running on the HP box, then yes, this would be a huge problem for me. Security policy, company policy, and similar issues with firewall configuration would have to be addressed.

HTH
mark
the future will be a lot like now, only later
Brad Klein
Advisor

Re: Question from HP Labs about email vs. https

In response to Mark's question, a web-server would not be required on the HP box, just an https client. The https communication would be push only.
Pete Randall
Outstanding Contributor

Re: Question from HP Labs about email vs. https

Hi,

I'm with Mark, this would be a huge issue for me as well. In my own case, e-mail would be much simpler.

Pete

Pete
harry d brown jr
Honored Contributor

Re: Question from HP Labs about email vs. https

Brad,

That would suck for those of us using PROXY firewall's, especially Raptor firewalls, to get to the internet. We would have to configure a firewall username, then somehow have https do a proxy login to the firewall with username/password.

Of course we don't use HP predictive support, and we don't allow modems on our servers, so it doesn't matter.

And we have a few iCod machines that don't have modems on them.


live free or die
harry
Live Free or Die
Jon Mattatall
Esteemed Contributor

Re: Question from HP Labs about email vs. https

We use Raptors and firewall redirects in the DMZ here as well, and it seems this would just be a HUGE pain, as well as driving IT Security out of their minds. By the time they tested it to their satisfaction, the product would be discontinued.

Email's gotta be simpler.

Jon
A little knowledge is dangerous - none is absolutely terrifying!!!
Dave van Nierop
Advisor

Re: Question from HP Labs about email vs. https

The https client idea clashes with our company security policy. I agree with everybody else - email is the way to go.

- Dave
John Payne_2
Honored Contributor

Re: Question from HP Labs about email vs. https

I can get email out. It is recieving email back that is the problem here. I doubt I could get the 'powers that be' to punch a hole for some of our servers just to allow the https request to go through once in a while...

Hope it helps

John
Spoon!!!!
George_Dodds
Honored Contributor

Re: Question from HP Labs about email vs. https

HTTPS is damn usefull, just had an engineer check work on one of my servers through a hp webex meeting. He used my laptop to bounce to the server as there is no external access and sorted a long outstanding problem.

Saved sorting out an onsite. :)

Cheers

George
Tracey
Trusted Contributor

Re: Question from HP Labs about email vs. https

With my companies current security configuration, email would be the only way to go. We have no direct connection to the internet. Sehding email from the HP boxes to the internet is also very tricky, but can be done.

Tracey