Not logged in » Login
Nov 17 2014

Agentless Management with ServerView

Despite many advancements in recent years, administrators still struggle with a number of issues when managing server environments: Each "intervention" is potentially insecure, and working with SNMP agents and CIM providers often renders their efforts inflexible and inefficient – not to mention that it impairs system performance. The new Agentless Service in Fujitsu's ServerView management suite solves all of these problems at once.

In traditional server management concepts, administrators use two communication channels to perform management tasks and transmit management data:

  • In-band communication via Productive LAN ports connects to ServerView SNMP agents or CIM providers on a machine and requires an installed and active operating system (OS). The full set of management data is provided to the ServerView Operations Manager on the Central Management Station (CMS).
  • Out-of-band communication via Management LAN ports connects directly to the iRMC web interface of each individual PRIMERGY server, regardless of whether the system is powered on, or whether an operating system, SNMP agents or CIM providers are installed or active.

Routinely, a lot of administrative work is done using in-band communication, since this is the best way to exert full control over a server (see Fig. 1). But unfortunately, this method suffers from a number of limitations that have adverse effects on security and system performance as well as on the flexibility and efficiency of IT processes:

  • Executing management tasks via the Productive LAN is almost always a bad idea as it opens up an attack vector for criminals attempting to steal confidential data or take over a company's IT. Likewise, data may leak from one LAN into the other by accident. Therefore, seasoned admins and security experts have long demanded that no management tool should have direct access to the OS via Productive LAN ports, sockets, etc.
  • SNMP agents or CIM providers are only active as long as a server's OS is active as well. But managing servers must be possible in any operating state, even if no OS has been installed or if it has been shut down.
  • SNMP agents or CIM providers running within the OS of a server require at least some system resources. But management tools should never limit the maximum performance of business-critical applications, regardless of the specific environment.
  • In addition, SNMP agents or CIM providers imply at least some additional, manual maintenance efforts. By contrast, admins expect management tools to reduce administrative and maintenance efforts to a minimum.

 

 Image 1

Fig. 1: Traditional setup with ServerView SNMP agents or CIM providers running within the OS. Management data (red) is exchanged via Productive or Management LAN.

 

Agentless Management with ServerView solves these problems by exclusively using out-of-band communication.

How Does Agentless Management Work?
Since Agentless Management solely relies on out-of-band communication via a PRIMERGY server's iRMC and the management LAN, it does not need access to any ServerView SNMP agents or CIM providers running in the OS. However, without these software components, no information about the OS (e.g. event logs) is forwarded to the iRMC – in other words, it appears as a black box. As a result, only a reduced set of data is available for problem analysis.

Agentless Management with ServerView Agentless Service
To fill this information gap, our developers have created the new ServerView Agentless Service. It enables an agentless management mode that delivers OS data to the iRMC S4 via the High Speed Transfer Interface, including event logs, RAID data, and other information the iRMC normally doesn't have access to (see Fig. 2).

 

Image 2

Fig. 2: Agentless Mode with ServerView Agentless Service running within the OS. Management data (red) is exchanged via Management LAN only.

 

Put simply, the ServerView Agentless Service works as some kind of "bypass" that enables administrators to carry out their tasks without ever connecting to the Productive LAN, thus preventing unintended data leaks and minimizing the attack vector. In short, Agentless Management with ServerView Agentless Service

  • Improves data security by separating the networks for productive and management data
  • Offers flexibility by managing the server independent from its operating state
  • Reduces load of management tools on system resources to a minimum
  • Increases operational efficiency when combined with embedded Lifecycle Management (eLCM)

Thanks to these features, ServerView Agentless Service fulfills all of the performance, security, flexibility and efficiency requirements named above.

Availability and Pricing
ServerView Agentless Service ships free of charge with every ServerView DVD and can be installed using the ServerView Installation Manager. Alternatively, it's available via the FUJITSU Download Portal as a separate package. Customers who are already running one or more PRIMERGY servers may also install the Autonomous Software Package using the ServerView Update Manager or Update Manager Express. Like all ServerView components, ServerView Agentless Service will also run on PRIMEQUEST servers; here, usage differs a little since the iRMC is only accessible via a PRIMEQUEST's Management Board.

Maximilian Brandtner

 

About the Author:

Maximilian Brandtner

Senior Product Marketing Manager at Fujitsu CEMEA&I

SHARE

Comments on this article

No comments yet.

Please Login to leave a comment.

X

Please login

Please log in with your Fujitsu Partner Account.

Login


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now