• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC ProactiveNet 9.6

    Page tree

    After you install the Integration Service, you can configure it for extended security. This allows the BMC PATROL Agent to connect only to the Integration Service that you specify and not to multiple Integration Services. If you have installed the Integration Service in a clustered setup, to configure for extended security, you must configure both the primary and the secondary Integration Services.

    Configuring the Integration Service for extended security

    1. Generate a key for the Integration Service by running the pw remote generateiskey integrationServiceName command. For example, pw remote generateiskey IS-1 where IS-1 is the name of the Integration Service connected to the BMC ProactiveNet Server. The key is generated in a .cfg file.

    2. After the key is generated, save the .cfg file in your computer.

    3. Export the key to a particular location as follows:

      pw remote exportiskey <integrationServiceName> -file <PathOnISMachine>\key1.cfg
    4. Apply the exported key to the BMC PATROL Agent as follows:

      (on Microsoft Windows)
      1.  In the computer on which the BMC PATROL Agent is installed, go to the 

        HKEY_LOCAL_MACHINE\SOFTWARE\BMC Software\Patrol\SecurityPolicy_v3.0\PROXY\client registry entry.

      2. Add a new key by right-clicking and selecting New > Key.
      3. Name the key security_mode and set the value of the key to KNOWN_HOST.

    (on UNIX)

      1. Add the following new property in the /etc/patrol.d/security_policy_v3.0/proxy.plc file ([client] section):
    security_mode = KNOWN_HOST

    Note

     On an IPv6 system, restart the primary Integration Service after generating the security key.

    Configuring the secondary Integration Service for extended security

    In a clustered setup, you must configure the primary and the secondary Integration Services.

    1. After configuring the primary Integration Service for extended security, copy the .db file from integrationServiceInstallationDirectory/pw/patrol/common/security/sks 

      to the corresponding location of the secondary Integration Service.

    2. Restart the secondary Integration Service.

    Importing the Integration Service key to the BMC PATROL Agent

    After generating a key to configure the Integration Service for extended security, you must import the key to the BMC PATROL Agent. To import the key:

    1. On the navigation pane of the Central Monitoring Administration UI, click Policies > Monitoring > All.
    2. Click the Add icon to add a monitoring policy.
    3. In the Monitoring Policy Configuration screen, click Configuration Variables.
    4. In the Configuration Variables screen, click the Import icon.
    5. Select the location of the .cfg file that contains the key and click Open.
      The key is imported and displayed in the Configuration Variables screen.

    Related topics

    Installing BMC ProactiveNet Integration Service and BMC ProactiveNet Cell

    Managing a BMC ProactiveNet Integration Service cluster through Central Monitoring Administration

     

    © Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.