Nimsoft Unified Management Portal

Similar documents
CA Nimsoft Unified Management Portal

CA Nimsoft Unified Management Portal

Nimsoft Monitor. proxy Guide. v3.1 series

Unified Infrastructure Management Compatibility Matrix June 26, 2015

Nimsoft Monitor. sysstat Guide. v1.1 series

Unified Infrastructure Management Compatibility Matrix September 05, 2017

Nimsoft Monitor Server

Nimsoft Monitor. xendesktop Release Notes. All series

Nimsoft Monitor. controller Guide. v5.7 series

CA Nimsoft Monitor for Flow Analysis

Nimsoft Monitor. ntp_response Guide. v1.2 series

Nimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]

Nimsoft Monitor. qos_processor Guide. v1.0 series

CA Nimsoft Service Desk

Nimsoft Unified Management Portal

Nimsoft Monitor. cluster Guide. v2.6 series

Unified Management Portal

CA Nimsoft Monitor for Flow Analysis

Nimsoft Monitor. exchange_response Guide. v2.5 series

CA Nimsoft Unified Management Portal

CA Nimsoft Unified Management Portal

Unified Management Portal

Nimsoft Monitor. ocs_monitor Guide. v1.3 series

Nimsoft Server. Nimsoft Monitoring Installer for the Vblock Infrastructure Platform - User Guide. Version 1.0

Nimsoft Monitor. db2mon Guide. v2.2 series

Nimsoft Monitor. websphere Guide. v1.5 series

Nimsoft Monitor. sharepoint Guide. v1.4 series

Nimsoft Monitor. reboot Guide. v1.4 series

CA Nimsoft Monitor. Implementing CA Nimsoft Monitor for Citrix CloudPlatform powered by Apache CloudStack

Nimsoft Monitor. wasp Guide. v2.7 series

Nimsoft Monitor. hpovsdgtw Guide. v1.2 series

Nimsoft Monitor. dirscan Guide. v3.0 series

Nimsoft Unified Management Portal

CA Nimsoft Unified Management Portal

Nimsoft Monitor. netapp Guide. v1.0 series

Nimsoft Monitor. websphere Guide. v1.6 series

Nimsoft Monitor. smsgtw Guide. v2.1 series

Nimsoft Monitor. netapp Guide. v1.1 series

Agilent EZChrom SI. Startup Guide

Nimsoft Service Desk. Agent User Guide. Version 6.2.4

SSL, Credit Card Transactions. CS174 Chris Pollett Nov. 5, 2007.

BenchCel Workstations Software

CA Cloud Service Delivery Platform

Agilent CSV Export Utility

Nimsoft Monitor. sybase Guide. v3.5 series

Agilent OpenLAB Chromatography Data System (CDS)

Setting Up Probes. Online Help

CA Cloud Service Delivery Platform

CA Cloud Service Delivery Platform

Agilent OpenLAB Data Analysis Upload Download Tool. User s Guide

CA SiteMinder. Advanced Password Services Release Notes 12.52

Agilent OpenLAB. Data Store. Maintenance Guide

Microscan Barcode Reader

Agilent E2094M IO Libraries

Agilent 1260 Infinity Purification Solution

Nimsoft Service Desk. Installation Guide 6.2.0

CA SSO. Agent for Oracle PeopleSoft Release Notes. r12.51

Deltek Maconomy. Navigator Installation

Agilent Lab Advisor. IT Administrator's Guide. Agilent Technologies

Agilent N2739A 1000 Series Oscilloscope Rack Mount Kit

How to Deploy and Use the CA ARCserve RHA Probe for Nimsoft

Nimsoft Service Desk

Agilent OpenLAB. Data Store. Backup and Restore Guide

Agilent Genomic Workbench 6.0

Nimsoft Unified Management Portal

Agilent OpenLAB Chromatography Data System (CDS)

pvs Release Notes All series

Unified Management Portal

Agilent Series Logic Analysis System

Apache Server Configuration for FLEXCUBE Oracle FLEXCUBE Universal Banking Release [December] [2017]

Agilent 89600B VSA. Software Installation Guide

SystemVue - WPAN Baseband Verification Library. SystemVue WPAN Baseband Verification Library

Apache Server Configuration for FLEXCUBE Oracle FLEXCUBE Universal Banking Release [May] [2016]

Nimsoft Unified Management Portal. SOC Probes Configuration Reference

Creating and Installing SSL Certificates (for Stealthwatch System v6.10)

Agilent OpenLAB Data Store. Maintenance Guide

Nimsoft Monitor. net_connect Guide. v2.9 series

CA Cloud Service Delivery Platform

BRM Accelerator Release Notes - On Premise. Service Pack

Automated Plate Labeling

Agilent Technologies E5385A 100-Pin Probe

CA Nimsoft Monitor. Probe Guide for iseries Job Monitoring. jobs v1.3 series

Agilent CytoGenomics 2.5

Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved.

CA Cloud Service Delivery Platform

Setting up a LAN Instrument Network. Installation Guide

Keysight 85130F NMD 2.4 mm to 3.5 mm Adapter Kit

GB-OS. Certificate Management. Tel: Fax Web:

CA Cloud Service Delivery Platform

U85026A Detector 40 to 60 GHz

Agilent OpenLAB Chromatography Data System (CDS)

CA Unified Infrastructure Management

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at

CA Nimsoft Service Desk

CA IDMS Server. Release Notes. r17

Agilent InfiniiMax II 1168A/1169A Probes

CA ERwin Data Modeler

More Security, SSL, Credit Card Transactions. CS174 Chris Pollett Nov. 10, 2008.

Keysight 11878A 50 Ohm 3.5 mm Adapter Kit

CA Cloud Service Delivery Platform

Transcription:

Nimsoft Unified Management Portal DMZ Guide 6.0

Document Revision History Document Version Date Changes 1.0 12/15/2011 Initial version for UMP 2.6. Modified the instructions for configuring the Apache web server with mod_proxy_ajp and installing Apache 2 (ProxyRequests set to Off rather than On). 1.1 07/30/2012 Beta version for UMP 6.0. Revved versions. 1.2 9/28/2012 GA version. No changes from beta version.

Legal Notices Copyright 2012, CA. All rights reserved. Warranty The material contained in this document is provided "as is," and is subject to being changed, without notice, in future editions. Further, to the maximum extent permitted by applicable law, Nimsoft LLC disclaims all warranties, either express or implied, with regard to this manual and any information contained herein, including but not limited to the implied warranties of merchantability and fitness for a particular purpose. Nimsoft LLC shall not be liable for errors or for incidental or consequential damages in connection with the furnishing, use, or performance of this document or of any information contained herein. Should Nimsoft LLC and the user have a separate written agreement with warranty terms covering the material in this document that conflict with these terms, the warranty terms in the separate agreement shall control. Technology Licenses The hardware and/or software described in this document are furnished under a license and may be used or copied only in accordance with the terms of such license. No part of this manual may be reproduced in any form or by any means (including electronic storage and retrieval or translation into a foreign language) without prior agreement and written consent from Nimsoft LLC as governed by United States and international copyright laws. Restricted Rights Legend If software is for use in the performance of a U.S. Government prime contract or subcontract, Software is delivered and licensed as "Commercial computer software" as defined in DFAR 252.227-7014 (June 1995), or as a "commercial item" as defined in FAR 2.101(a) or as "Restricted computer software" as defined in FAR 52.227-19 (June 1987) or any equivalent agency regulation or contract clause. Use, duplication or disclosure of Software is subject to Nimsoft LLC s standard commercial license terms, and non-dod Departments and Agencies of the U.S. Government will receive no greater than Restricted Rights as defined in FAR 52.227-19(c)(1-2) (June 1987). U.S. Government users will receive no greater than Limited Rights as defined in FAR 52.227-14 (June 1987) or DFAR 252.227-7015 (b)(2) (November 1995), as applicable in any technical data. Trademarks Nimsoft is a trademark of CA. Adobe, Acrobat, Acrobat Reader, and Acrobat Exchange are registered trademarks of Adobe Systems Incorporated. Intel and Pentium are U.S. registered trademarks of Intel Corporation. Java(TM) is a U.S. trademark of Sun Microsystems, Inc. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation. Netscape(TM) is a U.S. trademark of Netscape Communications Corporation. Oracle is a U.S. registered trademark of Oracle Corporation, Redwood City, California. UNIX is a registered trademark of the Open Group. ITIL is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. All other trademarks, trade names, service marks and logos referenced herein belong to their respective companies.

Contact Nimsoft For your convenience, Nimsoft provides a single site where you can access information about Nimsoft products. At http://support.nimsoft.com/, you can access the following: Online and telephone contact information for technical assistance and customer services Information about user communities and forums Product and documentation downloads Nimsoft Support policies and guidelines Other helpful resources appropriate for your product Provide Feedback If you have comments or questions about Nimsoft product documentation, you can send a message to support@nimsoft.com.

Contents Chapter 1: Introduction 7 Prerequisites... 8 Chapter 2: Setting Up the DMZ 9 New Apache 2 Installations... 9 Installing Apache 2... 10 Existing Apache 2 Installations... 11 Configuring the Apache Web Server with mod_proxy_ajp... 11 Configuring the Apache Web Server for Secure Communication... 12 Contents 5

Chapter 1: Introduction This section describes how to set up the Unified Management Portal (UMP) to operate in a demilitarized zone (DMZ). Using a DMZ is the recommended way to set up UMP in a firewalled environment. You can install and configure the Apache 2 web server as a light-weight proxy server and enable SSL on the Apache 2 server. The following graphic shows a UMP implementation with a DMZ. For more information on using Nimsoft products with a DMZ, see the section on installing in a firewalled environment in the Nimsoft Monitor Server Installation Guide. This section contains the following topics: Prerequisites (see page 8) Chapter 1: Introduction 7

Prerequisites Prerequisites The DMZ installer runs on the following versions of Windows. Production environments: Microsoft Windows Server 2003 Microsoft Windows Server 2008 Small production environments and test environments: Microsoft Windows XP Microsoft Windows Vista 8 DMZ Guide

Chapter 2: Setting Up the DMZ This section tells you how to set up a DMZ to use with UMP. If you do not already have the Apache 2 web server and Apache Tomcat connector installed, you will install them using the SDP DMZ Wizard. If you do already have the Apache 2 web server and Apache Tomcat connector installed, you will configure them for use with UMP by editing configuration files. This section contains the following topics: New Apache 2 Installations (see page 9) Existing Apache 2 Installations (see page 11) Configuring the Apache Web Server for Secure Communication (see page 12) New Apache 2 Installations This section tells you how to install Apache 2 with the Apache Tomcat connector to allow access to UMP from the Internet. If you already have the Apache 2 web server with the Apache Tomcat connector installed, skip to Existing_Apache_2 Installations (see page 11). Installing Apache 2 and the Apache Tomcat connector consists of these high-level steps: 1. Run the SDP DMZ wizard on the server in the DMZ. This wizard installs the Apache 2 web server and the Tomcat connector. It also opens port 80 and port 8009 (or the ports specified in the SDP DMZ Wizard) on the server. 2. Edit the httpd.conf file. 3. Open port 8009 on the inside firewall and port 80 on the outside firewall. If you are using SSL, also open port 443 (or an alternative port) on the inside firewall. The following sections tell you in detail how to do these steps. Chapter 2: Setting Up the DMZ 9

New Apache 2 Installations Installing Apache 2 Run the SDP DMZ wizard on the server in the DMZ. This wizard installs the Apache 2 web server and the Tomcat connector. 1. Download the SDP DMZ installation file from the Nimsoft support site: http://support.nimsoft.com/downloads/sdp-v02/sdp-v0261/ga/ga1/installation/ Nimsoft-SDP-DMZ-V0261.exe If the link does not work, go to the Nimsoft support site Downloads page and under Nimsoft Service Delivery Portal 2.6.1 GA Build 1210 click on Nimsoft SDP DMZ installation. 2. Execute the Nimsoft-SDP-DMZ-V0261.exe file. 3. In the License Agreement dialog, read the text and click Yes. 4. In the Choose Destination Location dialog, click Browse to choose another directory if wanted, then click Next. 5. In the Proxy Server Configuration dialog, enter: The IP address and port of the UMP server. The default is port 8009. The IP address and port number of the Unified Reports Server (if you want to use Unified Reports). Note: For UMP, Unified Reports must be installed on the same host as UMP, so the host and port for SDP Server and SDP Unified Reports Server must be the same. The port to be opened for the DMZ Server (from outside the firewall into the web server in the DMZ). The default is port 80. 6. Click Install. If you need to change the port number for the Tomcat server, see the section Existing_Apache_2 Installations (see page 11). The installer copies files. 7. When the installer finishes, click Finish to exit the installation wizard. 8. Open the Apache2/conf/httpd.conf file for editing and add the following lines to the end of the file before the line ProxyRequests Off: ProxyPass / ajp://<ump server>:8009/ ProxyPass /c/portal ajp://<ump server>:8009/c/portal ProxyPass /web/guest ajp://<ump server>:8009/web/guest 10 DMZ Guide

Existing Apache 2 Installations The lines look similar to this: ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / ajp://<ump server>:8009/ ProxyPass /c/portal ajp://<ump server>:8009/c/portal ProxyPass /web/guest ajp://<ump server>:8009/web/guest ProxyRequests Off 9. Open port 8009 on the inside firewall and port 80 on the outside firewall. If you are using SSL, also open port 443 (or an alternative port) on the inside firewall. The DMZ is now set up to use with UMP. Existing Apache 2 Installations This section tells you how to configure an existing Apache 2 web server with the Apache Tomcat connector to allow access to UMP from the Internet. Configuring the Apache Web Server with mod_proxy_ajp 1. Open the Apache configuration file, httpd.conf, for editing. 2. Uncomment the following line: LoadModule proxy_module modules/mod_proxy.so 3. Uncomment the following line: LoadModule proxy_ajp_module modules/mod_proxy_ajp.so 4. Add the following lines at the end of the file before the line ProxyRequests Off: ProxyPass / ajp://<ump server>:8009/ ProxyPass /c/portal ajp://<ump server>:8009/c/portal ProxyPass /web/guest ajp://<ump server>:8009/web/guest The lines look similar to this: ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / ajp://<ump server>:8009/ ProxyPass /c/portal ajp://<ump server>:8009/c/portal ProxyPass /web/guest ajp://<ump server>:8009/web/guest ProxyRequests Off Chapter 2: Setting Up the DMZ 11

Configuring the Apache Web Server for Secure Communication 5. Restart the Apache 2 web server. For more information about Apache servers, see: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html Configuring the Apache Web Server for Secure Communication If you want to run UMP with SSL (Secure Sockets Layer) and HTTPS (Hypertext Transfer Protocol Secure), you must configure the Apache 2 web server with SSL support. Information on how to configure the Apache 2 web server with SSL can be found on the following web site: http://httpd.apache.org/docs/2.2/ssl/ Note: Using secure communication adds overhead to the communication between Apache and UMP. To configure the Apache 2 web server to use secure communication: 1. Open the httpd.conf file for editing: Uncomment the following line: LoadModule ssl_module modules/mod_ssl.so. Uncomment the following line: Include conf/extra/httpd-ssl.conf. 12 DMZ Guide

Configuring the Apache Web Server for Secure Communication 2. Create the file conf/extra/http-ssl.conf: Change the Listen port number as required. If using 443, make sure there are no other applications using it, particularly IIS as it is the default SSL port for IIS. Change the SSLSessionCache path to point to the correct location. Change <VirtualHost> to point to the port number specified above. Change the DocumentRoot path to point to the correct location. Change ServerName to the correct value, including port number. Change the ServerAdmin email address as required. Change the ErrorLog path to point to the correct location. Change the TransferLog path to point to the correct location. Change the SSLCertificateFile path to point to the PEM encoded certificate. (If you do not have a certificate, follow the instructions in step 3 to generate a self-signed certificate.) Change the SSLCertificateKeyFile path to point to the private key if it is not already combined with the certificate. (If you do not have a certificate, follow the instructions in step 3 to generate a self-signed certificate.) Change CustomLog to point to the correct location. 3. If you do not have a certificate, do the following steps to generate a self-signed certificate: a. Open a Windows Command window and change directories to C:\Program Files\Apache2\conf. b. Run the following command to generate a private key:..\bin\openssl genrsa -des3 -out server.key 1024 c. Run the following command to generate a CSR (Certificate Signing Request):..\bin\openssl req -config..\conf\openssl.cnf -new -key server.key -out server.csr d. Run the following commands to remove the passphrase from the key : cp server.key server.key.org followed by..\bin\openssl rsa -in server.key.org -out server.key e. Run the following command to generate a self-signed certificate:..\bin\openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt f. Update SSLCertificateFile and SSLCertificateKeyFile in http-ssl.conf file to point to the newly generated certificate and private key files. Chapter 2: Setting Up the DMZ 13

Configuring the Apache Web Server for Secure Communication 4. Restart the Apache web server. Important!: If you are using a self-signed certificate and Mozilla Firefox as a browser, due to the implementation of the Adobe FlashPlayer plugin you must set the wasp configuration variable webapps/sdp/use_html_upload=1 in order to be able to upload images and dashboards. Refer to the wasp probe documentation for information about wasp configuration variables. 14 DMZ Guide

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback