Articles in this section

See more

Hitachi VSP | Scan Requirements

Avatar
Alan Lipchin
  • Updated

Preparation for Scanning Hitachi VSP

StorageGuard collects configuration data for Hitachi VSP storage systems by either running read-only API on the HCS (HiCommand) server or on the Ops Center server. It is recommended to also enable OS level access for complementary configuration collection.

The following table lists the requirements for scanning Hitachi VSP storage arrays:

Option 1: HCS (AKA HiCommand)

# Description
1 Provide the name or IP address of an HCS (HiCommand) host.
2 Provide an HCS application user account (and password) with unlimited read-only rights.
3 Make sure that IP connectivity through HTTP or HTTPS is available between the StorageGuard server and each HCS server.
4 Provide an OS user account for the HCS server as described under Preparation for Scanning Storage Management hosts.
 

 

Option 2: Hitachi Ops Center

# Description
  Ensure that the Ops Center API Configuration Manager software is installed, and that storage arrays have been registered to it.
1 Provide the name or IP address of an Ops Center host.
2 Provide an Ops Center application user and password Rest API with Security Administrator rights (View Only).

Ensure that the user can access:

  • https://[Server]:443/portal
  • https://[Server]:23451/ConfigurationManager

API Examples:

  • GET https://server:23451/ConfigurationManager/configuration/version
  • GET https://server:443/portal/security/v1/password-policy
3 Make sure that IP connectivity through HTTP or HTTPS is available between the StorageGuard server and each Ops Center server (ports 443, 23451, 23450).
4 Provide an OS user account for the Ops Center host as described under Preparation for Scanning Storage Management hosts.
 

 

Creating a User Account for Scanning Hitachi VSP

The following suggested method can be used to create a user account with appropriate privileges:

Login to the Hitachi user interface:

  1. Access the Administration tab, click Users and Permissions.
  2. Click Add User
  3. Assign the user with the built-in Security Administrator (View Only) group - which includes the Security Administrator (View Only), Audit Log Administrator (View Only) and Storage Administrator (View Only) roles.

To verify that the user has been provisioned successfully:

  • You will need the curl command available.
  • First obtain an authorization token.
  • Open command line (CMD).
  • Execute the following command (fill in the user name, password and IP): curl -k -v -u "[user]:[password]" -X POST -s https://[Server IP]:443/portal/auth/v1/providers/builtin/token
  • Copy the authorization line
  • Example:  Authorization: Basic U1BVlJBTpzZFV6c3B3Kzdz==
  • Now we can execute a REST API command: curl -k -v -H "Accept:application/json" -X GET [API CMD] -H [token]
  • Example: curl -k -v -H "Accept:application/json" -X GET https://[Server]:23451/ConfigurationManager/configuration/version -H "Authorization: Basic U1BVlJBTpzZFV6c3B3Kzdz=="
  • You should receive a valid json output.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.