HP Server Automation Virtual Appliance (Aka SA Standard) Secure, Simplified, and Lower-Cost Edition of HP Server Automation for Small to Medium Size Deployments

Total Page:16

File Type:pdf, Size:1020Kb

HP Server Automation Virtual Appliance (Aka SA Standard) Secure, Simplified, and Lower-Cost Edition of HP Server Automation for Small to Medium Size Deployments Technical white paper HP Server Automation Virtual Appliance (aka SA Standard) Secure, simplified, and lower-cost edition of HP Server Automation for small to medium size deployments Table of contents A solution for automated server configuration management ........................................................................................ 2 HP Server Automation Virtual Appliance (SAVA) feature overview ............................................................................... 2 Server Automation Virtual Appliance design and architecture overview ..................................................................... 3 Server automation client ....................................................................................................................................................... 4 OS provisioning and configuration ....................................................................................................................................... 4 Patch management ................................................................................................................................................................. 7 Software management .......................................................................................................................................................... 9 Audit and compliance management .................................................................................................................................... 9 Virtualization management ................................................................................................................................................ 10 Global Shell (OGFS) ................................................................................................................................................................ 11 HP Live Network ................................................................................................................................................................... 11 Appliance management and maintenance ....................................................................................................................... 12 Summary—A lightweight solution for server automation ........................................................................................... 12 Technical white paper | HP Server Automation Virtual Appliance A solution for automated server configuration management HP Server Automation software version 10.0 (HP SA) enables automated server configuration and system management. A key IT automation tool for server administrators, it is offered in two editions: 1. HP Server Automation Enterprise with the complete set of features, full set of managed platform support, and extreme scale known for the product 2. HP Server Automation Virtual Appliance (SAVA) aka HP Server Automation Standard is a single HP Server Automation (SA) core packaged as a virtual machine. This offering completely simplifies the setup required for HP Server Automation and reduces the setup time to under an hour. SAVA is targeted specifically for small to medium size deployments and with SAVA customers will be able to manage the entire lifecycle management of servers for up to 3000 servers. HP Server Automation Standard or SAVA supports a limited set of HP Server Automation Enterprise capabilities. For example, SAVA only supports Windows®- and Linux-based operating systems platforms. For more information on SAVA- supported platforms, see the SAVA support matrix. This white paper presents a brief overview of the HP Server Automation Virtual Appliance (SAVA) architecture, and provides a very high level insight into specific features it offers as well as the security and maintenance of the overall virtual appliance itself. HP Server Automation Virtual Appliance (SAVA) feature overview System administrators use SAVA to provision and manage servers through their entire lifecycle. SAVA uses resources such as OS build plans and scripts to run deployment jobs. With SAVA, patch administrators can establish patch polices to install and maintain patches for supported operating systems running on managed servers. With SAVA, compliance managers have visibility across the managed servers to see which servers are out of compliance and can then remediate non-compliant servers to bring them back into compliance, based on policies created within SA. SAVA helps you perform the following system management tasks: • Scan your networks for unmanaged servers and deploy SA agents for management • Install Windows, Linux, VMware ESXi, and Hyper-V™ on HP and non-HP servers • Update drivers, utilities, and firmware on HP ProLiant servers using the HP Service Packs for ProLiant (SPPs) • Configure HP ProLiant system hardware, Integrated Lights-Out (iLOs), BIOS, and HP Smart Array • Deploy to target servers without using PXE (HP ProLiant Gen8 and later, HP servers only) • Apply the required operating system patches for Windows and Linux servers • Install and configure software applications using templates called software policies • Use out-of-the-box application configuration templates to push configurations to all managed servers • Define server configuration policies to help ensure SAVA-managed servers meet corporate defined standards as well as the compliance regulations from industry-standard bodies or government organizations • Remediate non-compliant servers to bring them into compliance • Get complete visibility of all physical and virtual machine environments (VMware ESXi and Hyper-V) from a single tool • Create and manage VM templates for multiple virtualization vendor tools within SAVA • Search for VMs based on their genealogy (creation record) and by other virtual characteristics • Manage servers remotely for routine maintenance or troubleshooting issues from a single tool using SA Global Shell (OGFS) capability 2 Technical white paper | HP Server Automation Virtual Appliance Server Automation Virtual Appliance design and architecture overview HP Server Automation Virtual Appliance (SAVA) comes completely preinstalled and pre-configured on a virtual machine (VM) in a CentOS 6 platform and communicating with PostgreSQL 9.0 database in the backend. Figure 1 shows a high level view of the SAVA architecture. Browser SA virtual appliance Appliance IP address NIC Deployment IP address SA client Provision Patch Target server PostgreSQL Model repository Software Audit Deployment interface DHCP server Media server Media server SA agent optional optional (OS prov) Figure 1. SAVA architecture As Figure 1 shows, SAVA requires two IP addresses: • Appliance IP address: used to manage the appliance lifecycle and operations, such as patching/upgrading the appliance or embedded SA core, getting support logs • Deployment IP address: used by SA users to connect the nGUI to the embedded SA core to perform deployment or other SA specific tasks The target server represents a server managed by SAVA. Each managed server runs an SA agent, which is software used to make changes to the server. The SA agent is used for software installation and removal, software and hardware configuration, and server status reporting. The external media server is required for OS provisioning tasks and contains vendor-supplied OS media used during OS provisioning. It may also contain media for other purposes, such as firmware and driver updates, and is also where captured images are stored. The external media server is a separate server from the SAVA appliance and is not included as part of the appliance backup and restore actions. The media for other SA features such as software management, patching, and others is kept inside the appliance itself. The model repository is a SA component that stores critical information about SA and its managed server environment including inventory of all servers under management, inventory of the hardware associated with these servers such as memory, CPUs, storage capacity, and so on, managed server configuration, inventory of the operating systems, system software, and applications installed on managed servers, inventory of OS provisioning operating system installation media (the media itself is stored in the external media server), inventory of software available for installation, and the software policies that control how the software is configured and installed as well as the authentication and security information. The Model Repository in SAVA is actually inside the PostgreSQL 9.0 optimized and embedded within the SAVA appliance itself. Server automation client Also known as SA nGUI, the SAVA SA client is a Java-based tool that is installed on a SA user desktop and connects to the SA core within SAVA via the deployment IP address. Figure 2 displays a snapshot of the SA client navigation pane showing the operational tabs for SAVA users to manage their servers, scripts, jobs, and so on. 3 Technical white paper | HP Server Automation Virtual Appliance Server automation client Also known as SA nGUI, the SAVA SA client is a Java-based tool that is installed on a SA user desktop and connects to the SA core within SAVA via the deployment IP address. Figure 2 displays a snapshot of the SA client navigation pane showing the operational tabs for SAVA users to manage their servers, scripts, jobs, and so on. Figure 2. Use the tabs to navigate to each major area of the SA client. Devices tab–Shows all your servers and lets you manage them Virtualization tab–Shows all your virtualization services, virtual machines, VM templates,
Recommended publications
  • Run-Commands-Windows-10.Pdf
    Run Commands Windows 10 by Bettertechtips.com Command Action Command Action documents Open Documents Folder devicepairingwizard Device Pairing Wizard videos Open Videos Folder msdt Diagnostics Troubleshooting Wizard downloads Open Downloads Folder tabcal Digitizer Calibration Tool favorites Open Favorites Folder dxdiag DirectX Diagnostic Tool recent Open Recent Folder cleanmgr Disk Cleanup pictures Open Pictures Folder dfrgui Optimie Drive devicepairingwizard Add a new Device diskmgmt.msc Disk Management winver About Windows dialog dpiscaling Display Setting hdwwiz Add Hardware Wizard dccw Display Color Calibration netplwiz User Accounts verifier Driver Verifier Manager azman.msc Authorization Manager utilman Ease of Access Center sdclt Backup and Restore rekeywiz Encryption File System Wizard fsquirt fsquirt eventvwr.msc Event Viewer calc Calculator fxscover Fax Cover Page Editor certmgr.msc Certificates sigverif File Signature Verification systempropertiesperformance Performance Options joy.cpl Game Controllers printui Printer User Interface iexpress IExpress Wizard charmap Character Map iexplore Internet Explorer cttune ClearType text Tuner inetcpl.cpl Internet Properties colorcpl Color Management iscsicpl iSCSI Initiator Configuration Tool cmd Command Prompt lpksetup Language Pack Installer comexp.msc Component Services gpedit.msc Local Group Policy Editor compmgmt.msc Computer Management secpol.msc Local Security Policy: displayswitch Connect to a Projector lusrmgr.msc Local Users and Groups control Control Panel magnify Magnifier
    [Show full text]
  • PCI DSS Virtualization Guidelines
    Standard: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011 Author: Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines Information Supplement • PCI DSS Virtualization Guidelines • June 2011 Table of Contents 1 Introduction ....................................................................................................................... 3 1.1 Audience ................................................................................................................ 3 1.2 Intended Use .......................................................................................................... 4 2 Virtualization Overview .................................................................................................... 5 2.1 Virtualization Concepts and Classes ..................................................................... 5 2.2 Virtual System Components and Scoping Guidance ............................................. 7 3 Risks for Virtualized Environments .............................................................................. 10 3.1 Vulnerabilities in the Physical Environment Apply in a Virtual Environment ....... 10 3.2 Hypervisor Creates New Attack Surface ............................................................. 10 3.3 Increased Complexity of Virtualized Systems and Networks .............................. 11 3.4 More Than One Function per Physical System ................................................... 11 3.5 Mixing VMs of
    [Show full text]
  • Disk Cleanup
    LESSON 6 . 1 98-349 Windows Operating System Fundamentals Understand Backup and Recovery Methods LESSON 6 . 1 98-349 Windows Operating System Fundamentals Lesson Overview Understand backup and recovery methods. In this lesson, you will explore: . Backup management . Backup options . Recovery methods LESSON 6 . 1 98-349 Windows Operating System Fundamentals Backup Management . Windows backup tools: Tool Description File Backup Windows Backup enables you to make copies of the data files for all the users on the computer. System Image Backup Windows Backup enables you to create a system image, which is an exact image of a drive. A system image includes Windows and your system settings, programs, and files. Previous Versions Previous Versions are copies of files and folders that Windows automatically saves as part of system protection. System Restore System Restore reestablishes the computer's system files to their state at an earlier point in time. LESSON 6 . 1 98-349 Windows Operating System Fundamentals Backup Management . Use Windows Backup and Restore to back up and recover files and folders. o Open Backup and Restore by clicking Start, Control Panel, System And Security, and then Backup And Restore. LESSON 6 . 1 98-349 Windows Operating System Fundamentals Backup Management (continued) . It is recommended to save backups to an external drive. You cannot save backups to the system drive. You can save backups to a network location. Windows will issue a warning if there is not enough drive space to store a system image. LESSON 6 . 1 98-349 Windows Operating System Fundamentals Backup Options . Let Windows Choose (Recommended)—Windows backs up data saved in libraries, desktop, and default Windows folders.
    [Show full text]
  • Security Program Blocking Driver Download a Driver Can't Load on This Device
    security program blocking driver download A driver can't load on this device. You are receiving this message because the Memory integrity setting in Windows Security is preventing a driver from loading on your device. Here are a few options you can try if you want to be able to use this driver: See if an updated and compatible driver is available through Windows Update or from the driver manufacturer. If that doesn’t work, try turning off the Memory integrity setting in Windows Security. Warning: If you choose to continue using your device without addressing the driver problem, you might discover that the functionality the driver supports does not work any longer, which could have consequences ranging from negligible to severe. To turn off the memory integrity setting. Go to the Core isolation page in Windows Security. Turn the Memory integrity setting Off if it isn’t already. You'll need to restart your computer for the changes to take effect. You can also open the Core isolation page by selecting Start > Settings > Update & Security > Windows Security > Device Security and then under Core isolation , selecting Core isolation details . Though the driver has a minor vulnerability that’s preventing it from loading, it’s most likely not malicious in any way. The driver name and company name that appear in the notification are the only reliable pieces of information that we have been able to gather about the driver. If an updated driver is unavailable from the driver manufacturer, it might be a good idea to contact them and inquire whether a fix is coming soon.
    [Show full text]
  • Optimizing Windows 10, Build 2004, for a Virtual Desktop Role
    Optimizing Windows 10, Build 2004, for a Virtual Desktop role Written by Robert M. Smith, Program Manager, Azure Global Customer Engineering Date Created: May 12, 2020 Date Updated: July 08, 2020 Date Published: tbd Contributors: Tim Muessig, Senior Premier Field Engineer; Narklis Engler, Principal Program Manager Version 1.2 Document Change History Version Changes 1.0 Adding verbiage for Windows Virtual Desktop, and Windows 10 build 2004 specifically 1.1 Additional updates for 2004 1.2 Final pass, updated group policy, services, tasks, and added info about Storage Sense for disk cleanup. Introduction This article is intended to provide suggestions for configurations for Windows 10, build 2004, for optimal performance in Virtualized Desktop environments, including Virtual Desktop Infrastructure (VDI) and Windows Virtual Desktop (WVD). All settings in this guide are suggested optimization settings only and are in no way requirements. The information in this guide is pertinent to Windows 10, version 2004, operating system (OS) build 19041. The guiding principles to optimize performance of Windows 10 in a virtual desktop environment are to minimize graphic redraws and “effects”, background activities that have no major benefit to the virtual desktop environment, and generally reduce running processes to the bare minimum. A secondary goal is to reduce disk space usage in the base image to the bare minimum. With virtual desktop implementations, the smallest possible base, or “gold” image size, can slightly reduce memory utilization on the host system, as well as a small reduction in overall network operations required to deliver the desktop environment to the consumer. No optimizations should reduce the user experience.
    [Show full text]
  • Windows 10 for Beginners
    Windows 10 for beginners Windows 10 is the latest version of the Windows operating system. New PCs will typically come with Windows 10 installed. If you have an older computer and would like to purchase Windows 10, it starts at $119. Find out more at: https://www.microsoft.com/en-us/windows/get- windows-10 Signing in There are two ways to sign in to your Windows 10 computer: with a local account or a Microsoft account. A local account means all of your files and settings are only accessible on the computer you log into. (Just like usual, to many of us!) A Microsoft account (Outlook, Hotmail, Live, MSN) allows you to sync your information between multiple devices, and would even let you sign into your account from a friend’s Windows 10 device. You need a Microsoft account to use features like Cortana, download from the Windows Store, and activate Find My Device. If you don’t have a Microsoft account, Windows 10 will walk you through setting one up. You can switch between a local and Microsoft account at any time. Windows 10 desktop screen Icons and shortcuts Start menu Cortana Task View Edge File Explorer Store Internet signal Sound Action Center La Crosse Public Library Windows 10 for beginners p.1 Start menu Microsoft now calls most things “apps”. Click on the Windows logo in the lower left corner to open your Start menu and see your apps. Get to your most These are called tiles. If they are used apps. If you’re animated, they’re called live tiles.
    [Show full text]
  • PC Maintenance and Security-Forecast
    PC Security and Maintenance by IMRAN GHANI © Imran Ghani, 2006, [email protected] PC Maintenance and Security-Forecast. • Major sources of danger. • Important steps to protect your PC. • PC Security Tools. • PC Maintenance Tools. •Tips. © Imran Ghani, 2006, [email protected] PC Security- Major sources of danger • Running malicious codes on your computer due to system or application vulnerabilities or improper user action. • Virus, Worms, Trojans. • Spam or unsolicited e-mails. • Spyware and Phishing. • Unauthorized access. • Faulty system configuration. • Malfunctioning of PC hardware. © Imran Ghani, 2006, [email protected] PC Security- Facts Facts about PC Security Management: • Computer Security is not an add-on or something external, it is part of everything you do with computer. • Not “one-size-fits-all”, but appropriate for the needs and vulnerabilities of each system. • In most of cases, it is simple common sense plus a little information and care. © Imran Ghani, 2006, [email protected] PC Security- Steps to protect your PC 1. Prevent unauthorized access. 2. Implement strong security policies. 3. Block, detect or disable computer Viruses and Worms. 4. Block dangerous e-mail attachments. 5. Block spam or unsolicited e-mails. 6. Update operating system, application, and antivirus regularly. 7. Create and analyze security logs. © Imran Ghani, 2006, [email protected] PC Security- Common Security Tools for PC 1. Windows Logon (Password and User Accounts) 2. Local Security Policy 3. Windows Firewall 4. Security Settings in Internet Explorer 5. Antivirus 6. Anti Spam and E-mail security 7. Windows Updates 8.
    [Show full text]
  • Reducing Downtime Due to System Maintenance and Upgrades Shaya Potter and Jason Nieh – Columbia University
    Reducing Downtime Due to System Maintenance and Upgrades Shaya Potter and Jason Nieh – Columbia University ABSTRACT Patching, upgrading, and maintaining operating system software is a growing management complexity problem that can result in unacceptable system downtime. We introduce AutoPod, a system that enables unscheduled operating system updates while preserving application service availability. AutoPod provides a group of processes and associated users with an isolated machine- independent virtualized environment that is decoupled from the underlying operating system instance. This virtualized environment is integrated with a novel checkpoint-restart mechanism which allows processes to be suspended, resumed, and migrated across operating system kernel versions with different security and maintenance patches. AutoPod incorporates a system status service to determine when operating system patches need to be applied to the current host, then automatically migrates application services to another host to preserve their availability while the current host is updated and rebooted. We have implemented AutoPod on Linux without requiring any application or operating system kernel changes. Our measurements on real world desktop and server applications demonstrate that AutoPod imposes little overhead and provides sub-second suspend and resume times that can be an order of magnitude faster than starting applications after a system reboot. AutoPod enables systems to autonomically stay updated with relevant maintenance and security patches, while ensuring no loss of data and minimizing service disruption. Introduction a system administrator chooses to fix an operating sys- tem security problem immediately, he risks upsetting As computers become more ubiquitous in large corporate, government, and academic organizations, his users because of loss of data.
    [Show full text]
  • Windows 10 Directx 12 Update Download Game Bar Says Directx 12 Incompatible, but DXDIAG Says Is Compatible
    windows 10 directx 12 update download Game Bar Says DirectX 12 Incompatible, But DXDIAG Says Is Compatible. My Microsoft Game Bar says that my system isn't compatible with DirectX 12 Ultimate. However, when I run DXDIAG, that says it IS compatible. So I'm not sure why Game Bar is wrong. I have an NVIDEA 3070, which should be compatible with DirectX 12, so I'm not sure what to believe right now and I want to make sure I am compatible. Here are some screen shots. Subscribe Subscribe to RSS feed. Report abuse. I didn't translate your Win10 build number earlier, and I see your Win10 build is not quite up to date. Mine is currently at build 19042 (AKA - v20H2) Some things can be fussy about having the latest version of Win10. DX12 ultimate is fairly new, and. may have come after your last Win10 version update. If you have not done version updates in the past, use the Update Assistant . Download Windows 10. For a quicker update download, it's best to avoid doing much on line, if you don't have a high speed internet connection. - Curious. Is the Window in your first image a Win10 Settings > Gaming Window ? Mine is totally different to that. How to Download, Install or Update all DirectX Versions in Windows 10. DirectX is a set of Application Programming Interface developed by Microsoft to run on the Windows and Xbox based systems. What DirectX does is that it creates an efficient medium between the graphic intense programs like games and the hardware like graphics processor that are needed to run those programs.
    [Show full text]
  • Module 5 Microsoft Windows Security Tools
    Presented by In partnership with Module 5 Microsoft Windows security tools cybertaipan.csiro.au Learning objectives Participants will understand where basic Windows operating system security tools are located: • Control Panel and Windows Settings • Administrative tools • Security and maintenance • Windows Defender security centre • Windows Defender firewall • Windows update Participants will learn how to manage Windows accounts and how accounts can affect security. 2 | Module 5| Microsoft Windows security tools CyberTaipan Section 1 Basic security policies and tools 3 | Module 5| Microsoft Windows security tools CyberTaipan Note on Windows security tools Windows has several versions (Professional, Home, etc.) Each version has sets of security tools with different looks, capabilities, and ways to access them. This training unit has several options for accessing almost all the security tools to perform specific tasks. In any case, the search capability in the Windows versions will assist users and administrators in finding the appropriate tool for a task. 4 | Module 5| Microsoft Windows security tools CyberTaipan Security and administration tools Windows has several components with groups of security and administration tools. You must be an administrator to use most of the tools. Some of the components are: Control Panel • Windows Settings • Control Panel • Microsoft Management Console (MMC) for advanced settings MMC 5 | Module 5| Microsoft Windows security tools CyberTaipan Windows search bar Windows 10 has a search bar that can bring up anything you need on your system. You can use the search bar to find any of these upcoming areas if you don’t know the direct path. 6 | Module 5| Microsoft Windows security tools CyberTaipan Windows Settings Where many of the basic system changes and configurations can be set within a Windows 10 operating system is a little different depending on the version of the operating system.
    [Show full text]
  • Windows Virus and Malware Troubleshooting Andrew Bettany (MVP) Microsoft, York, North Yorkshire, UK
    Andrew Bettany and Mike Halsey Windows Virus and Malware Troubleshooting Andrew Bettany (MVP) Microsoft, York, North Yorkshire, UK Mike Halsey (MVP) Sheffield, South Yorkshire, UK Any source code or other supplementary material referenced by the author in this book is available to readers on GitHub via the book’s product page, located at www.apress.com/9781484226063 . For more detailed information, please visit www.apress.com/source-code/ . ISBN 978-1-4842-2606-3 e-ISBN 978-1-4842-2607-0 DOI 10.1007/978-1-4842-2607-0 Library of Congress Control Number: 2017934653 © Andrew Bettany and Mike Halsey 2017 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image, we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
    [Show full text]
  • Copyrighted Material
    30_045763 bindex.qxp 1/2/07 10:46 PM Page 607 Index Symbols & Numerics Add a Contact Wizard, 386 3D stack, 97, 98 Add a wireless device feature, 348 512MB of RAM minimum, 30 add extender option, 310 802.11 wireless protocols, 337, 355 Add Hardware Wizard, 473 /? (help switch), 510, 511 Add Newsgroup Wizard, 378–379 Add or remove a program window, 260 Add or Remove Effects dialog box, 329 Add or Remove Snap-ins window, 187 A Add Printer Wizard, 410–413 access check, 448 Additional Drivers window, 415 access policies, auditing, 275–276, Add/Remove Snap-in command, 186 278–279 address bar, 202, 399 accessibility Address toolbar, 125 improved for all users, 130–134 Adm folder, 193 from a single location, 15 Administrative log, 481 account(s) administrative settings, 133 creating passwords for, 162–165 administrator deleting, 167–168 adding new accounts, 154 maintaining separate for users, advanced tasks, 161–162 152–154 compared to Standard user, 157 naming, 157, 158 controlling standard user Account management window, 165–166 accounts, 252 account names role of, 253 changing, 162, 163 Administrator account maximum characters for, 157 changing to a Standard user account types, 151, 154, 166–167 account, 166 ACT (Application Compatibility modifiable parameters, 159–160 Toolkit), 144 one always required, 167 Action menu for a snap-in, 188 options available to, 174–180 actions in Task Scheduler, 504 Parental Controls not allowed, 169 Actions pane Adminstrators group, 180 in Console Root window, 186 Advanced Security firewall, 237, in Event Viewer,
    [Show full text]