Filter
Top Products
Chapter 9. Configuration planning 165
request an IP connection, or if the modem is unavailable, will use voice phone or e-mail to
request an IP connection.
The communication will be by way of VPN and will use data encryption. This network
configuration will position IBM to provide faster support assistance and problem resolution
since IBM will be able to connect to the S-HMC relatively quickly and error logs can be
transmitted to IBM over a high-speed network. This will eliminate any delays associated with
transmitting huge error logs over a dial-up connection.
There can also be a direct connection to the IBM network by way of VPN. This is depicted in
the diagram with the arrow from MC1 to the IBM network.
S-HMC security considerations
Allowing access between the Internet and computers in a customer network brings valid
security concerns which need to be addressed. IBM has taken the steps necessary to provide
secure network access for the S-HMC. Even after securing access to the S-HMC, there are
additional levels of security built into the Service applications available on the S-HMC. In the
following sections we discuss the security protection securing access to the S-HMC from the
Internet, and then we describe the internal security of the S-HMC itself.
Security mechanism 1 - Console must initiate session
The first security measure that is employed to protect the console is to only allow network
sessions or conversations to be initiated from the console itself. This means that there are no
applications running on the console that are listening on TCPIP ports to establish a session. If
a session is needed from the console to enable a service action, an IBM Service
representative may initiate this session by dialing into the console using the modem, and
requesting that the console establish the session. This session will only be initiated to one of
the defined TCPIP addresses which represent the IBM Service centers.
At installation time, the customer may decide to only allow a service session when manually
requested, by the customer, through the console interface. These installation options are
briefly described here, and explained in detail in
IBM TotalStorage DS8000 Introduction and
Planning Guide,
GC35-0495.
Security mechanism 2 - Public key encryption
The S-HMC uses a public key encryption mechanism to maintain the security of data
exchanged between the console and the IBM Service organization. Each S-HMC, during
manufacturing or during the installation process, generates a public encryption key based on
the private key that the console will use for encryption and decryption.
During the installation process at the customer site, the IBM SSR will connect to the IBM
Service organization, by way of modem, internet connection, or the SSRs MOST portable
console, and will transmit the public key for the installed console to a database maintained
within the IBM secure network. Whenever IBM Service requires access to the console located
at the customer site, the IBM personnel will have to retrieve the console-specific public key
from the database and use this key to establish the communication session needed for
service.
Note: The IP connection initiated by the S-HMC will always be to a specific telephone
number for modem access or to a specific IP address for internet access.
Note: IBM recommends that the S-HMC be connected to the customer’s public network
over a secure VPN connection, instead of a dial-up connection.