13.11.7 Communication encryption function setting (enable/disable) and connectivity among product versions
This subsection explains the communication encryption function setting (enable/disable), connectivity among product versions (10-50 or earlier and 11-00 and later), and connectivity with linked products.
- Organization of this subsection
-
-
(2) Connectivity between JP1/IM - View and JP1/Base (manager host)
-
(3) Connectivity between JP1/Base (authentication server) and JP1/IM - Manager
-
(4) Connectivity between JP1/Base (manager host) and JP1/Base (agent host)
-
(5) Connectivity between JP1/IM - Manager and JP1/Base(agent host)
-
(7) Connectivity between JP1/IM - Manager and linked products
(1) Connectivity between JP1/IM - View and JP1/IM - Manager and when the jcochstat command with the -h option specified is executed
JP1/IM - View version 11-00 or later checks the non-encryption communication host configuration file to determine whether unencrypted communication is to be established with the connection-target JP1/IM - Manager.
For details about the non-encryption communication host configuration file, see Non-encryption communication host configuration file (nosslhost.conf) (in Chapter 2. Definition Files) in the manual JP1/Integrated Management 2 - Manager Command, Definition File and API Reference.
JP1/IM - Manager |
JP1/IM - View |
|||
---|---|---|---|---|
Version |
Communication encryption function |
Version 10-50 or earlier |
Version 11-00 or later |
|
Unencrypted#1 |
Encrypted#2 |
|||
10-50 or earlier |
Always disabled |
U |
U |
N |
11-00 or later |
Disabled |
U |
U |
N |
Enabled (jp1imcmda)#3 |
N |
N |
Y |
The following example shows connectivity when the jcochstat command is executed from JP1/IM - Manager (hostA) to JP1/IM - Manager (hostB) on another manager host.
JP1/IM - Manager (hostA) |
JP1/IM - Manager (hostB) |
|||
---|---|---|---|---|
Version |
Communication encryption function |
Version 10-50 or earlier |
Version 11-00 or later |
|
Communication encryption function |
||||
Always disabled |
Disabled |
Enabled (jp1imcmda)#1 |
||
10-50 or earlier |
Always disabled |
U |
U |
N |
11-00 or later |
Disabled |
U |
U |
N |
Enabled (jp1imcmda)#1 |
N |
N |
Y#2 |
If you enable the communication encryption function on the manager host on which the jcochstat command is executed and on the manager host that is specified in the -h option of the jcochstat command, you can use the jcochstat command to change the response status of JP1/IM - Manager (other hosts). Note that this functionality for using the jcochstat command to change the response status of JP1/IM - Manager (other hosts) is for compatibility with version 6.
(2) Connectivity between JP1/IM - View and JP1/Base (manager host)
JP1/Base (manager host) |
JP1/IM - View |
|||
---|---|---|---|---|
Version |
Communication encryption function |
Version 10-50 or earlier |
Version 11-00 or later |
|
Unencrypted#1 |
Encrypted#2 |
|||
10-50 or earlier |
Always disabled |
U |
U |
N |
11-00 or later |
Disabled |
U |
U |
N |
Enabled (jp1imcmda)#3 |
N |
N |
Y |
|
Enabled (jp1bsuser)#4 |
U |
U |
N |
|
Enabled (jp1imcmda, jp1bsuser)#5 |
N |
N |
Y |
(3) Connectivity between JP1/Base (authentication server) and JP1/IM - Manager
The following explains encrypted communication between JP1/Base (authentication server) and JP1/IM - Manager that is supported.
JP1/Base (authentication server) |
JP1/IM - Manager |
|||
---|---|---|---|---|
Version |
Communication encryption function |
Version 10-50 or earlier |
Version 11-00 or later |
|
Communication encryption function |
||||
Always disabled |
Disabled |
Enabled (jp1bsuser)# |
||
10-50 or earlier |
Always disabled |
U |
U |
N |
11-00 or later |
Disabled |
U |
U |
N |
Enabled (jp1bsuser)# |
N |
N |
Y |
(4) Connectivity between JP1/Base (manager host) and JP1/Base (agent host)
For details about the connectivity between JP1/Base (manager host) and JP1/Base (agent host), see the JP1/Base User's Guide.
(5) Connectivity between JP1/IM - Manager and JP1/Base(agent host)
JP1/IM - Manager (manager host) |
JP1/Base (agent host) |
|||||
---|---|---|---|---|---|---|
Version |
Communication encryption function |
Version 12-00 or earlier |
Version 12-00 or later |
|||
Disabled |
Enabled#2 (White list available) |
Enabled#2 (White list not available) |
||||
Disabled |
Enabled |
|||||
12-00 or earlier |
Disabled |
U |
U |
U |
U |
N |
Enabled#1 |
U |
U |
U |
U |
N |
|
12-10 or later |
Disabled |
U |
U |
U |
U |
N |
Enabled (White list available)#2 |
U |
U |
U |
U |
N |
|
Enabled (White list not available)#2 |
N |
N |
N |
N |
Y |
(6) Connectivity of IM Configuration Management
The table below explains connectivity of the synchronization function for JP1/IM - Manager's IM Configuration Management information. The synchronization function acquires IM configuration (remote configurations) by establishing connection from the integrated manager to base managers. Depending on the versions of the connection-source JP1/IM - Manager and the connection-target JP1/IM - Manager and whether the communication encryption function is enabled, communication is encrypted, unencrypted, or blocked.
JP1/IM - Manager (connection source integrated manager) |
JP1/IM - Manager (connection-target base manager) |
|||
---|---|---|---|---|
Version |
Communication encryption function |
Version 10-50 or earlier |
Version 11-00 or later |
|
Communication encryption function |
||||
Always disabled |
Disabled |
Enabled (jp1imcmda)# |
||
10-50 or earlier |
Always disabled |
U |
U |
N |
11-00 or later |
Disabled |
U |
U |
Y |
Enabled (jp1imcmda)# |
U |
U |
Y |
(7) Connectivity between JP1/IM - Manager and linked products
When the communication encryption function is enabled, linkage with JP1/Service Support is not supported.
When the communication encryption function is enabled, linkage with JP1/IM - Rule Operation is not supported.