H3C Technologies H3C Intelligent Management Center User Manual

34

resources you want to manage. In addition, you need to ensure that the TCP and UDP ports that IMC uses

to communicate with other servers and modules are also permitted.
Alternatively, your organization may have a management VLAN or subnet dedicated to management

systems for which this traffic is permitted for devices in the VLAN or subnet. If your organization has such

a VLAN or subnet, be sure to locate the IMC servers in this VLAN or subnet.
To manage a device using SNMP, Telnet, and SSH, you need to configure the device to support these
protocols. For SNMP, this requires enabling SNMP on every managed device, using the version of SNMP

your organization mandates. It also requires configuring the device to forward SNMP traps to IMC if you

have designated IMC as the device to process and display SNMP traps. You need to configure IMC with

the SNMP configuration information that allows it to both SNMP poll devices as well as to receive SNMP
traps from managed devices. Use the SNMP templates feature to configure IMC for all devices that are

monitored and managed using SNMP. You can configure IMC to receive traps from devices when the

devices are auto-discovered or added to IMC.
With Telnet and SSH, you need to configure every device to enable Telnet and/or SSH sessions to it. See
the vendor documentation for instructions. You also need to configure IMC with the Telnet or SSH

configuration information in order for IMC to establish a session with a managed device. You can use

Telnet and SSH templates to simplify the process of adding device specific Telnet and SSH configuration

information to IMC. Some features in IMC require a Telnet or SSH application on the operator's local

computer. IMC can use the native Telnet and SSH clients that most operating systems provide. Check with
your organization's requirements regarding the use of Telnet or SSH for secure access to managed

devices.

Identifying security policies and restrictions for monitoring

To successfully deploy IMC, you must identify the various zones and application tiers in your network and

what the access policies are for each of them. Is ICMP, SNMP, Telnet, and SSH traffic permitted to and

from each one of these zones that contains one or more devices you want to manage and the VLANs or
subnets that IMC resides on? Or, what is required to permit ICMP, SNMP, Telnet, and SSH traffic to these

zones and tiers?
You need to configure the version of SNMP that is mandated by your organization on each device to be

managed using SNMP. This SNMP configuration on the device must match the SNMP configuration for

the device in IMC.
You need to identify your organization's requirements for the use of Telnet or SSH for managed devices

and configure each device and IMC accordingly.
Identifying your organization's password requirements for SNMP community strings, Telnet, and SSH

passwords as well as IMC operator accounts enables you to configure IMC to meet those requirements.

Identifying the integration requirements and

opportunities

IMC may not be the only management system in your infrastructure. Consider the following questions to
determine how to accomplish integration:

•

Is IMC the destination for events and alarms generated by IMC as well as by other management
systems?

•

Is IMC the repository and console for SNMP traps and Syslog events?