In this article:
General Windows Scan Requirements
AvailabilityGuard collects configuration data from Windows hosts using a collection of Windows Management Instrumentation (WMI) queries and read-only commands.
AvailabilityGuard can connect to the target Windows system in either one of the following methods:
- WMI remote command invocation.
- Windows Remote Management (WinRM) - recommended.
To scan a Windows system, you should make the following preparations:
- Obtain the Windows hostname or IP address - if not auto-discovered through vCenter or SCVMM as appropriate.
- Obtain a user account on the Windows host with local administrative rights. This is a Microsoft requirement that enables WMI access, remote command invocation and certain read-only commands.
- When using WMI remote command invocation only: Verify that IP connectivity is permitted through WMI on all TCP ports and UDP ports 135, 137, 138, and 139.
- When using WinRM (recommended): Verify that IP connectivity is permitted through the WinRM ports (80/5985, by default). To use WinRM, it should be installed and activated on the scanned hosts ("winrm quickconfig").
- Verify that CIFS connectivity is permitted (port 445). CIFS is used to run vendor-native commands.
- AvailabilityGuard requires certain utilities to be available on the target Windows systems when external storage systems are accessed, as follows:
Storage System used | Requirement |
EMC Symmetrix, VMAX, VNX, CLARiiON |
At least one of the utilities (PowerPath, SymCLI, or inq [V7.3-487 and above]) is installed. If none of these utilities is available on a certain host, install the free EMC inq utility. |
Hitachi |
At least one of the utilities (HDLM or inqraid) is installed. If neither of these utilities is available on a certain host, install the free HDS inqraid utility. |
NetApp (SAN) | At least one of the utilities (sdcli or dsmcli) is installed. |
IBM DS | IBM SDD is installed. |
IBM XIV | IBM XIV Host Attachment Kit (HAK) is installed. |
Microsoft Hyper-V servers
AvailabilityGuard collects configuration data for Microsoft Hyper-V servers by connecting to System Center Virtual Machine Manager (SCVMM) through WMI or WinRM, as it does to collect data from any Windows host.
To scan Microsoft Hyper-V servers, you should make the following preparations:
- Obtain the SCVMM server name or IP address.
Obtain a user account for SCVMM server with local administrative rights.
- Meet WMI / WinRM requirements as described above for standard Windows systems.
- Verify that IP connectivity is permitted through WMI or WRM between the AvailabilityGuard collector server and the SCVMM server.
Additional notes
- Instead of WMI remote command invocation, WMI can also be activated using PowerShell. This method requires PowerShell version 5.1 or higher on the AvailabilityGuard server.
- You should use the same ID on all hosts, although you may use different IDs per domain or per individual host. To simplify provisioning, it is also preferred to use non-privileged domain users rather than local users.
- WMI is based on DCOM. You can further limit the TCP ports allowed for WMI/DCOM communication, but this requires a significantly more complex provisioning process. See Using Distributed COM with Firewalls.
When using WMI remote command invocation, Continuity Software recommends that all TCP port connections originating from the AvailabilityGuard server be allowed. Typically, the AvailabilityGuard server is placed on a secure management subnet. - When WinRM is used, avoid using the '<' and '>' characters in the password.
- AvailabilityGuard also supports a scan mode that does not require CIFS. For more details, please contact support.
- Scanning MS Windows Cluster 2008 R2 or higher requires PowerShell version 3.0 or higher.
- There is no need to scan each individual Hyper-V server as a Windows host; data is collecting for all Hyper-V servers from SCVMM.
Comments
0 comments
Please sign in to leave a comment.