You can configure secure communications between each of the servers and
clients.
If you use an instance of Common Services that is installed on the same host, you can use a Common Services command to create a
common private key and server certificate, and configure SSL communications for Ops Center products installed on the same
host. For details, see the Hitachi Ops Center Installation and
Configuration Guide.
- Child Topics
- About security settings
In Ops Center Analyzer, you can use SSL and SSH to ensure
secure network communications. In SSL and SSH communications, communication routes are
encrypted to prevent information leakage and detect any data manipulation during transfer.
You can further enhance security using authentication.
- Workflow for configuring secure communications
The following figure describes the
workflow for configuring secure communication in the Ops Center Analyzer environment.
- Configuring an SSL certificate (Analyzer server)
Configure the Analyzer server as an SSL server by creating a
private key and a certificate signing request, applying for a server certificate, and
configuring secure communication.
- Configuring an SSL certificate (Analyzer detail view server)
Configure an SSL certificate to initiate a secure browser sessions. You
can either configure the CA signed or self-signed SSL certificate.
- Configuring an SSL certificate (Analyzer probe server)
Configure an SSL certificate to initiate secure browser sessions. You can
either configure the CA signed or self-signed SSL certificate.
- Configuring an SSL certificate (HTTP Proxy)
Configure an SSL certificate to initiate a secure connection while transferring the data from
Analyzer probe server to
Analyzer detail view server by creating a private key, creating a certificate signing request (CSR), and applying the server certificate.
- Configuring an SSL certificate (real time
data collection)
Enable SSL encryption to securely collect the real time data. You can
either configure the CA signed or self-signed SSL certificate.
- Configuring an SSL certificate (Ops Center Automator)
To use Analyzer server to specify
settings for SSL communication with Ops Center Automator, you must first enable SSL on Ops Center Automator. For details, see the section describing how to set up SSL in the
Hitachi Ops Center Automator Installation and Configuration Guide.
- Configuring an SSL certificate (LDAP directory server)
To set up SSL communication with the LDAP directory server in Ops Center Analyzer, you
must configure the SSL server on the LDAP directory server and then specify settings in the
Analyzer server. For details about SSL configuration on the LDAP directory server, see the
manuals about the LDAP directory server.
- Configuring an SSL certificate (Common Services)
To use Analyzer server to specify settings for SSL communication with Ops Center Common Services, you must first enable SSL for Ops Center Common Services. For details, see the description of SSL communication settings in the Hitachi Ops Center Installation and Configuration Guide.
- Configuring an SSL certificate (RAID Agent)
To initiate a secure session with a host that uses the RAID Agent services, you must create a private key and a certificate signing request (CSR), apply the server certificate, and configure secure communications.
- Setting an SSL cipher suite
You can set an SSL cipher suites for communication.
- Enabling host header validation for the
Analyzer probe or
Analyzer detail view servers
- Changing the
Analyzer detail view server UI session timeout