Standard communication settings for Operations Center, as well as the dashboard and CMS, are configured using the Configuration Manager for each component. In some cases, configuration changes on one server might require changes in another. In all cases, enabling SSL requires Keystore and Trust Store configuration.
For more information about configuring Keystore and Trust Stores, see Section 5.2, Keystore and Trust Store Configuration.
The following sections describe the standard configuration options available and their interdependencies:
Section 5.1.1, Understanding Options in the Operations Center Configuration Manager
Section 5.1.2, Understanding Options in the Dashboard’s Configuration Manager
Section 5.1.3, Understanding Options in the CMS’ Configuration Manager
Section 5.1.5, Understanding Security Requirements for the Image Server
In the Operations Center server’s Configuration Manager, use the settings on the
pane to establish the type of communications security for the Operations Center server and between the dashboard, CMS, and Web services.For information on accessing the Operations Center Configuration Manager, see the Operations Center 5.5 Server Configuration Guide.
Figure 5-1 Operations Center Configuration Manager Security Pane
Table 5-1 describes the Security pane settings.
Table 5-1 Operations Center Configuration Manager Security Pane Settings
Setting |
Default |
Description |
---|---|---|
Client/Server Communication Mode |
Unsecured Communication |
Specifies the level of security for communications used between the Operations Center clients and server:
When you make selections for this option, there are various dependencies you need to be aware of. For details on each of these selections and dependent settings, see Section 5.1.4, Understanding Dependency Requirements for Operations Center Client/Server Communications. IMPORTANT:When SSL communications are used, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration. |
Remote Services Security (RMI) |
Unsecured communication |
Specifies the level of security used for the RMI (Remote Services Port) communications between Operations Center and the dashboard, and between Operations Center and CMS. Select from:
IMPORTANT:When SSL communications are used, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration. |
Web Services Communication Security |
Unsecured communication |
Specifies the level of security used for communications between third-party applications and the Operations Center Web Services Application Programmer Interface (WSAPI):
This setting governs the level of security for communications through the port as defined with the setting on the page.IMPORTANT:When SSL communications are used, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration. See the Operations Center 5.5 Web Services Guide for more information on Web Services. |
The dashboard has it’s own Configuration Manager to configure communication options with Operations Center and the Web browsers through which users access the dashboard:
In the dashboard’s Configuration Manager, use the settings on the
pane to establish the type of communications security between the Operations Center server and the dashboard. The settings on the pane must match the settings in the Operations Center Configuration Manager.For more information about these dependencies, see Section 5.1.4, Understanding Dependency Requirements for Operations Center Client/Server Communications.
Use the settings on the
pane to establish the type of communications security between Web clients and the dashboard.Table 5-2 describes the settings that govern communications with Web browsers.
Figure 5-2 Dashboard Configuration Manager, Dashboard Pane
Table 5-2 Dashboard Configuration Manager Dashboard Pane Settings
Setting |
Default |
Description |
---|---|---|
Dashboard Communication Mode |
Unsecured Communication |
Specifies the level of security for communications used when Web clients access the dashboard:
IMPORTANT:When SSL communications are used, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration. |
Dashboard Web Server Port (HTTP) |
8080 |
Port used when Web browser access to the dashboard is unsecure. Enabled when the unsecure communication or Support both unsecure and secure communication. is set to |
Dashboard Web Server Port (HTTPS) |
8443 |
Port used when Web browser access to the dashboard is secure. Enabled when the Secure communication using SSL or Secure communication using SSL and Client Certificates. is set to |
The CMS has it’s own Configuration Manager to configure communication options with Operations Center and the Web browsers through which users access CMS:
Use the settings on the Configuration Manager
pane to establish the type of communications security between the Operations Center server and the CMS. The settings on the pane must match the settings in the Operations Center Configuration Manager.For more information about these dependencies, see Section 5.1.4, Understanding Dependency Requirements for Operations Center Client/Server Communications.
Use the settings on the
pane to establish the type of communications security between Web clients and the CMS.Table 5-3 describes the settings that govern communications with Web clients.
Figure 5-3 Configuration Management System Configuration Manager, Configuration Management System Pane
Table 5-3 Configuration Management System Configuration Manager, Configuration Management System Pane Settings
Setting |
Default |
Description |
---|---|---|
Configuration Management System Communication Mode |
Unsecured Communication |
Specifies the level of security for communications used when Web clients access the CMS:
IMPORTANT:When SSL communications are used, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration. |
Configuration Management System Web Server Port (HTTP) |
8080 |
Port used when client access to the CMS is unsecure. Enabled when unsecure communication or Support both unsecure and secure communication. is set to |
Configuration Management System Web Server Port (HTTPS) |
8443 |
Port used when client access to the CMS is secure. Enabled when the Secure communication using SSL or Secure communication using SSL and Client Certificates. is set to |
The level of security for communications used between the Operations Center clients and server is set in the Configuration Manager for the Operations Center server by using the
option.Figure 5-4 Client/Server Communications Mode Option in the Operations Center Configuration Manager
Each selection for this option requires other settings to be configured in order to properly set up the level of security for communications. Sometimes these corresponding settings are made in the Configuration Managers for other Operations Center components.
Both the dashboard’s and CMS’ Configuration Managers contain settings for the Operations Center server that must match the same settings in the Operation Center Configuration Manager. These settings govern communications between Operations Center and these components.
Figure 5-5 shows the page that contains these settings and is present in both the dashboard’s and CMS’ Configuration Managers.
Figure 5-5 Dashboard Configuration Manager, NetIQ Operations Center page
The following sections describe the various dependencies for each security level selection:
When the Unsecured communication on the page in the Operations Center Configuration Manager:
is set toThe HTTP Web Server port is open. Note the value set for the
on the page in the Configuration Manager.In both the dashboard’s and CMS’ Configuration Managers, set the following in the
pane:Set Unsecured communication.
toVerify the setting for
matches the value set in the Operations Center Configuration Manager for ( ).When the Secured communication using SSL on the page in the Operations Center Configuration Manager:
is set toThe HTTPS Web Server port is open. Note the value set for the
on the page in the Configuration Manager.In both the dashboard’s and CMS’ Configuration Managers, set the following in the
pane:Set Secured communication using SSL.
toVerify the setting for
matches the value set in the Operations Center Configuration Manager for ( ).IMPORTANT:When SSL communications are used for the Operations Center server, dashboard or CMS, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration.
When the Support both unsecured and secured communications on the page in the Operations Center onfiguration Manager:
is set toBoth the HTTP and HTTPS Web Server ports are open. Note the value set for the
and on the page in the Configuration Manager.In the dashboard’s and/or CMS’ Configuration Manager, set the following:
To use secure communications do the following:
Set Secured communication using SSL.
toVerify the setting for
matches the value set in the Operations Center Configuration Manager for ( ).To use unsecure communications do the following:
Set Unsecured communication.
toVerify the setting for
matches the value set in the Operations Center Configuration Manager for ( ).IMPORTANT:When SSL communications are used for the Operations Center server, dashboard or CMS, you must set up a Keystore and Trust Store. See Section 5.2, Keystore and Trust Store Configuration.
An Image Server allows Web clients (including the Operations Center console and dashboard) to render dynamic and 3‑D charts. It is important to secure the image server port .
For more information about the Image Server and the Image Server port, see Image Server
in the Operations Center 5.5 Server Configuration Guide