15.10.1 Range of communication that can be encrypted by the communication encryption function

The following figures and tables explain the range of communication that can be encrypted by the communication encryption function.

Figure 15‒24: Range of Intelligent Integrated Management server communication that can be encrypted

The numbers in the figure correspond to the numbers in the following table.

Table 15‒15: Range of Intelligent Integrated Management server communication that can be encrypted
No.	Location of communication		Description
No.	Connection source	Connection target	Description
1	Web browser (integrated operation viewer)	Intelligent Integrated Management server^#1	Used for connection from the viewer (integrated operation viewer) to JP1/IM - Manager (Intelligent Integrated Management Base)
2	Intelligent Integrated Management server^#2	Authentication server	Used for user authentication
3	Intelligent Integrated Management server	Integrated agent host	Used to connect from JP1/IM - Manager (Intelligent Integrated Management Base) to integrated agent host
4	Integrated agent host	Intelligent Integrated Management server	Used to connect to JP1/IM - Manager (Intelligent Integrated Management Base) from integrated agent host

#1: To encrypt the corresponding part of the communication, specify jp1imcmda in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

#2: To encrypt the corresponding part of the communication, specify jp1bsuser in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

Figure 15‒25: Range of Central Console communication that can be encrypted

The parenthesized numbers in the figure correspond to the numbers in the following table.

Table 15‒16: Range of Central Console communication that can be encrypted
No.	Location of communication^#1		Description
No.	Connection source	Connection target	Description
1	Central Console viewer	Event console service^#2	Used for connection from JP1/IM - View to JP1/IM - Manager (event console service)
2	Central Console viewer	Command execution^#2	Used when commands are executed from JP1/IM - View
3	`jcochstat` command^#2	Event console service (another host)^#2	Used when the `jcochstat` command with another host specified in the `-h` option is executed
4	Event console service^#3	Authentication server^#3	Used for user authentication
5	Event console service^#4	Event service (agent host)^#4	Used for connection from the event console service to the event service of the agent host

#1: The jcochfilter command, the jcochstat command (with a logical host name specified in the -h option or with the -h option omitted), the event base service, and the automatic action service use the communication encryption function in internal processing.

#2: To encrypt the corresponding part of the communication, specify jp1imcmda in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

#3: To encrypt the corresponding part of the communication, specify jp1bsuser in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

#4: To encrypt the corresponding part of the communication, specify jp1imcmda and jp1bsagent in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

Figure 15‒26: Range of Central Scope communication that can be encrypted

The parenthesized numbers in the figure correspond to the numbers in the following table.

Table 15‒17: Range of Central Scope communication that can be encrypted
No.	Location of communication^#1		Description
No.	Connection source	Connection target	Description
1	Central Scope viewer	Central Scope service^#2	Used for connection from JP1/IM - View to JP1/IM - Manager (Central Scope service)
2	Central Scope service^#3	Authentication server^#3	Used for user authentication

#1: The jcschstat, jcsdbexport, and jcsdbimport commands use the communication encryption function in internal processing.

#2: To encrypt the corresponding part of communication, specify jp1imcmda in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

#3: To encrypt the corresponding part of communication, specify jp1bsuser in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

Figure 15‒27: Range of IM Configuration Management communication that can be encrypted

The parenthesized numbers in the figure correspond to the numbers in the following table.

Table 15‒18: Range of IM Configuration Management communication that can be encrypted
No.	Location of communication^#1		Description
No.	Connection source	Connection target	Description
1	IM Configuration Management viewer	IM Configuration Management service^#2	Used for connection from JP1/IM - View to JP1/IM - Manager (IM Configuration Management service)
2	IM Configuration Management service	IM Configuration Management service on a lower manager^#2	Used when IM connections are synchronized
3	IM Configuration Management service^#3	Authentication server^#3	Used for user authentication

#1: The jcfexport, jcfimport, jcfvirtualchstat, jcfaleltdef, jcfaleltreload, jcfaleltstart, jcfaleltstat, jcfaleltstop, jcfallogdef, jcfallogreload, jcfallogstart, jcfallogstat, and jcfallogstop commands use the communication encryption function in internal processing.

#2: To encrypt the corresponding part of communication, specify jp1imcmda in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

#3: To encrypt the corresponding part of communication, specify jp1bsuser in the BASESSL parameter in JP1/Base's SSL communication definition file. For details, see the JP1/Base User's Guide.

To Page Top