topic Re: VCRM Repository automatic update security in Server Management - Systems Insight Manager https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796763#M20510 <BR />It would be good to implement a server authentication (like in ssl protocol) in order to ensure the repository is trusted...<BR /><BR />Do you know, maybe, if a catalog file is downloaded from a trusted source and then files hashes compared to make sure files are genuine ?<BR /><BR />Regards<BR /><BR />Angelo Fri, 02 Jun 2006 06:28:50 GMT Pagnotta 2006-06-02T06:28:50Z VCRM Repository automatic update security https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796761#M20508 <BR />Hi everybody,<BR /><BR />Can anyone explain me the security that encompasses the automatic download of HP compoenets within VCRM service ?<BR /><BR />Is the connexion a ssl one ? Is the remote hp server authenticated by the client using an electronic certificate ? Or this connexion poorly secured meaning that a spoof of the remote server IP could allow somone upload stuff to the VCRM repository '<BR /><BR />Thanks in advance<BR /><BR />Angelo Tue, 30 May 2006 09:17:08 GMT https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796761#M20508 Pagnotta 2006-05-30T09:17:08Z Re: VCRM Repository automatic update security https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796762#M20509 VCRM use normal ftp download for automatic download, it connects to ftp.hp.com &amp; ftp.compaq.com and downloads the components needed Thu, 01 Jun 2006 23:20:33 GMT https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796762#M20509 TechGuru 2006-06-01T23:20:33Z Re: VCRM Repository automatic update security https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796763#M20510 <BR />It would be good to implement a server authentication (like in ssl protocol) in order to ensure the repository is trusted...<BR /><BR />Do you know, maybe, if a catalog file is downloaded from a trusted source and then files hashes compared to make sure files are genuine ?<BR /><BR />Regards<BR /><BR />Angelo Fri, 02 Jun 2006 06:28:50 GMT https://community.hpe.com/t5/server-management-systems/vcrm-repository-automatic-update-security/m-p/3796763#M20510 Pagnotta 2006-06-02T06:28:50Z