366 Chapter 9
An Overview of ITO Processes
Understanding ITO Processes
The directories in Table 9-4 on page 365 contain files which are listed in
Table 9-5 on page 366. Table 9-5 also explains what the files do and
whether or not the contents of the files are encrypted:
Table 9-5 Agent-configuration Files and their Contents
Process Security
Although IT/Operations carries out basic authorization checks
independently of DCE when communication between the management
server and the managed nodes is required, DCE allows the
implementation of a much more stringent security policy at process level
between, for example, an RPC client and an RPC server, specifically in
the areas of authentication and data protection.
The level of data protection is chosen by the client, although the server
has the option of deciding whether a chosen level is sufficient. ITO sees
the concept of authentication in the context of either the RPC client or
the RPC server. For example, just as a server needs to determine
whether or not an incoming request is from a genuine ITO client, an RPC
client also needs to be sure that the server it is calling is a real ITO
server.
File Contents Encrypted?
le logfile encapsulation configuration Yes
msgi opcmsg(1) and opcmsg(3)
message interceptor
Yes
trapi SNMP event interceptor Yes
consi MPE/iX console interceptor Yes
monitor monitor agent template file Yes
mgrconf MOM configuration file No
primmgr MOM configuration file No
nodeinfo node specific ITO configuration
information, for example, the
logging directory, the type of
managed node internal character
set. All ITO agents read this file.
No
