Networking and Security
About Secure Task Execution

	Introduction

HP Systems Insight Manager tasks that cause state or configuration changes on managed systems use Secure Task Execution (STE) to issue their commands to the system. STE allows an HP Systems Insight Manager system to securely request execution of a task from a managed system. It ensures that the user requesting the task has the appropriate rights to perform the task. The request includes a digital signature to uniquely identify the HP Systems Insight Manager system making the request. Secure Sockets Layer (SSL) is then used to encrypt the request and protect the data from alternation or eavesdropping.

Note
	STE requires a Trusted Management Systems List at each managed system to ensure that only specified HP Systems Insight Manager systems can execute tasks on the system.

Note
	On the managed system, only Trust by Certificate ensures the request came from the specified HP Systems Insight Manager system. Other options, such as Trust by Name or Trust All, do not verify the digital signature of the HP Systems Insight Manager system, and therefore, cannot reliably verify the sender of the request.

The managed system receiving the task request is responsible for ensuring that the user making the request has the appropriate rights to make the request on the system. Refer to Trusted Certificates - Require Trusted Certificates for more information.

Note
	Tasks using STE, such as Replicate Agent Settings and Install Software and Firmware, do not work against a Virtual Cluster System. However, these tasks work when executed directly against the physical nodes of the cluster.

	Related Topics