HP SM 9.31 System Hardening (250 Views)
Occasional Advisor
Posts: 14
Registered: ‎07-24-2013
Message 1 of 2 (250 Views)

HP SM 9.31 System Hardening

Hello again Experts,


We'd like to implement some hardening to our Service Manager web tier, clients and servers.


So far, I'm only aware of the documentation regarding enabling SSL and using https (mostly through SM Integration guides), though I'd like to know if there's more to hardening procedures to follow to further secure the SM system. If so, kindly point me in the right direction.




RTE, Client, Webtier: 9.31.022

Tomcat: 7.0





Honored Contributor
Posts: 4,355
Registered: ‎06-17-2010
Message 2 of 2 (223 Views)

Re: HP SM 9.31 System Hardening

Hi ,

System hardening is not controlled from application but comes in majority at OS, Network and web server level.
So SSL is just a feature of protocol for connection and https is only implemented at Web server level.

Here you have to decide your vulnerability matrix, that is, how much you want to strengthen your security and it comes from your design document and client approval.

There are number of tool to check and list vulnerability on system.

You have to block and deny access from unwanted ports like any other than 8081,13080,443 (for OOB system).
You have to disable corssside scripting, default Password in tomcat/apache, Trace track and many more.

Assign Kudo, if found post useful and mark it accepted if solves the issue.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.