HPE Community
Server Management - Systems Insight Manager
1833780 Members
2162 Online
110063 Solutions
New Discussion

Sim 5 - Discovery and monitoring over WAN

 
Mark Tordoff
Occasional Contributor

‎03-13-2007 10:51 PM

‎03-13-2007 10:51 PM

Sim 5 - Discovery and monitoring over WAN

Probably a long shot, but hopefully there is a work around...

I have a number of (HP) Servers which have SMH and Foundation Agents installed on (and are working fine).

I am able to Discover and monitor (using SNMP - I know, I'm working WBEM - trying to get my head round it still!) these servers by opening the appropriate firewall ports, and I'm getting the severe, major and minor alert updates - which always helps.
Luckily, so far I'm only monitoring 1 server on the other side of each firewall (untrusted domains too by the way - so no domain authentication can be done - possibly my WBEM problem?)...

However, shortly I will be looking at monitoring a site that has 2 HP Servers - obviously firewall port forwarding can only forward traffic of (SNMP for example) to one server - how am I able to monitor the 2nd server?
Is the only way to force the monitoring out through another port?
Can SNMP be send on something other than 161?
If so, is that for everything (pointless in my case), or for that one server only?
Any help appreciated.

Also, anyone with any experience of WBEM, could you please explain how it works, and how to configure WMI on the server so that WBEM and WMI talk together (as I understand it, WMI is Microsofts implementation of WBEM?).

Again, any help appreciated.
Thanks, Mark
0 Kudos
Reply
4 REPLIES 4
LukaS_9
Regular Advisor

‎03-23-2007 04:02 AM

‎03-23-2007 04:02 AM

Re: Sim 5 - Discovery and monitoring over WAN

Hi mark,
maybe you can find something in this documentation:

http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00210041/c00210041.pdf

regards
luca
0 Kudos
Reply
David Claypool
Honored Contributor

‎03-23-2007 05:33 AM

‎03-23-2007 05:33 AM

Re: Sim 5 - Discovery and monitoring over WAN

At this time it is not practical to get anything other than rudimentary data on a ProLiant server using WMI/WBEM. Comprehensive monitoring of all the ProLiant value-add requires SNMP. We have been making progress towards WMI/WBEM in the product set (the ability of HP SIM to talk WBEM is a major step) but it will probably not be until 2008 when SNMP will become optional.

That being said, the fact that SNMP transmits in clear text is not all that important because communications with HP SIM are with SNMP READs only (an SNMP GET with a write-enabled string never needs to traverse the wire). Reasonable measures can be taken to secure a management environment even while using SNMP. I've attached a presentation I did at last year's HP Tech Forum that contains some guidance.
0 Kudos
Reply
Mark Tordoff
Occasional Contributor

‎03-25-2007 07:49 PM

‎03-25-2007 07:49 PM

Re: Sim 5 - Discovery and monitoring over WAN

Thanks guys for the help and advice.
Also, thank you for clearing up the SNMP vs WMI/WBEM issue.

I'll concentrate on SNMP, and securing it and its associated components as much as I can then.

Mark
0 Kudos
Reply
AndyCo
New Member

‎12-05-2007 05:47 PM

‎12-05-2007 05:47 PM

Re: Sim 5 - Discovery and monitoring over WAN

David,

I too have been struggling to get my head round managing systems in a DMZ using WBEM/WMI on Windows. Your presentation was very helpful. Am I right in thinking that although HP don't recommend using SNMP to manage systems in untrusted networks; really that is the only option as WBEM/WMI support is limited at the moment and as long as you secure SNMP using the community string and configuring systems to accept packets from the CMS then that is the way to go?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.