Top
ServerView Resource Orchestrator V3.4.0 Automatic Quarantining Function User's Guide
FUJITSU Software
Chapter 1 Automatic Quarantining Function Overview > 1.4 Prerequisites for Using the Automatic Quarantining Function
PreviousNext

1.4 Prerequisites for Using the Automatic Quarantining Function

In addition to Resource Orchestrator, the following software is required to use the automatic quarantining function. When using a configuration in which there are multiple managers, ensure that the environment of each manager is the same as the manager environment described below.

This tool can be used in the following environments.

Version of Resource Orchestrator

FUJITSU Software ServerView Resource Orchestrator V3.4.0

Resource Orchestrator Manager

  • Windows manager

For details, refer to the following.

[Virtual Edition]

"Table 6.2 [Windows Manager]" in "6.1.1.1 Required Basic Software" in the "Overview"

[Cloud Edition]

"Table 6.47 [Windows Manager]" in "6.1.1.1 Required Basic Software" in the "Overview"

Required software for the Resource Orchestrator manager

  • Windows PowerShell 3.0 or later
[Trend Micro OfficeScan]
  • SNMP Trap Service (Standard OS service) (*1, *2)

    *1: Ensure that community names conform to the community name set for the OfficeScan 11.0 server or the OfficeScan XG server.

    *2: The following port is used when using this function.

Sender Receiver Protocol
Server Port Server Service Port Modification
OfficeScan 11.0 server or OfficeScan XG server Indefinite Admin server snmptrap 162 Not possible udp
[McAfee]
  • SNMP Trap Service (Standard OS service) (*1, *2)

*1: Ensure that community names conform to the community name set for the McAfee ePolicy Orchestrator v5.9 server.

*2: The following port is used when using this function.

Sender Receiver Protocol
Server Port Server Service Port Modification
McAfee ePolicy Orchestrator v5.9 server Indefinite Admin server snmptrap 162 Not possible udp
[Symantec]

There is no required software.

The following port is used when using this function.

Sender Receiver Protocol
Server Port Server Service Port Modification
Symantec Endpoint Protection management server Indefinite Admin server rcxweb 23461 Not possible tcp
[VMware]
  • VMware vCenter Server 6.0
  • VMware vCenter Server 6.5
  • VMware vCenter Server 6.7

It can be placed on the admin server with the manager, or on any other server.

  • VMware vSphere PowerCLI 6.0 or later

    Note

    • When using VMware vSphere 6.7, install VMware PowerCLI 10.1.0 or later.

    • When using VMware PowerCLI 6.5.1 or later, it is necessary to execute VMware PowerCLI from Windows PowerShell (x86).

      Perform installation so the VMware PowerCLI module is located on the following path.

      C:\Program Files (x86)\WindowsPowerShell\Modules
    • After installing VMware PowerCLI, start the Windows PowerShell console using administrator privileges, and execute the following.
      1. Change the Windows PowerShell execution policies. 
        > Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
      2. Change the settings for security warnings of VMware PowerCLI. (VMware PowerCLI 10.0.0 or later) 
        > Set-PowerCLIConfiguration -InvalidCertificateAction Warn -Scope AllUsers
[Hyper-V]
  • Microsoft(R) System Center 2016 Virtual Machine Manager

It can be placed on the admin server with the manager, or on any other server.

[Citrix Xen]
  • None.

Antivirus Software

[Trend Micro OfficeScan]
  • OfficeScan 11.0 server or OfficeScan XG server

    Notifies Resource Orchestrator of security risks detected on VM guests and physical L-Servers.

    It can be placed on the admin server with the manager, on the VM management software, or on any other server.

    Multiple OfficeScan 11.0 servers or OfficeScan XG servers can be registered as antivirus software.

[Symantec]
  • Symantec Endpoint Protection Manager 14.0

    Notifies Resource Orchestrator of security risks detected on VM guests and physical L-Servers.

    It can be placed on the admin server with the manager, on the VM management software, or on any other server.

    It is not possible to register multiple Symantec Endpoint Protection Manager servers in Resource Orchestrator.

  • Windows PowerShell 3.0 or later

    This must be installed on the Symantec Endpoint Protection Manager server as the execution environment for the script used to notify the Resource Orchestrator manager of security risks.

[McAfee]
  • McAfee ePolicy Orchestrator v5.9

    Notifies Resource Orchestrator of security risks detected on VM guests and physical L-Servers.

    It can be placed on the admin server with the manager, on the VM management software, or on any other server.

    Multiple McAfee ePolicy Orchestrator servers can be registered as antivirus software.

For details on required software other than the above, refer to the following.

[Virtual Edition]

"6.1.1.4 Required Software" in the "Overview"

[Cloud Edition]

"6.1.2.4 Required Software" in the "Overview"

Required hardware for the Resource Orchestrator manager

For details, refer to "Table 2.1 Admin Server Hardware Specifications".

Basic software for Resource Orchestrator agents

For VM hosts
[VMware]
  • VMware vSphere 6.0
  • VMware vSphere 6.5
  • VMware vSphere 6.7
[Hyper-V]
  • Windows Server 2016
[Citrix Xen]
  • Citrix XenServer 7.1 LTSR or Citrix XenServer 7.2
For SBC servers operating on physical servers
  • Windows

    For details, refer to the following.

    [Virtual Edition]

    "Table 6.4 Agent [Windows]" in "6.1.1.1 Required Basic Software" in the "Overview"

    [Cloud Edition]

    "Table 6.49 Agent [Windows]" in "6.1.1.1 Required Basic Software" in the "Overview"

Required software for Resource Orchestrator agents

For VM hosts
[Hyper-V]
  • ServerView Agents for Windows

    For details, refer to the following.

    [Virtual Edition]

    "Table 6.35 Agent [Windows] [Hyper-V]" in "6.1.1.4 Required Software" in the "Overview"

    [Cloud Edition]

    "Table 6.85 Agent [Windows]" in "6.1.2.4 Required Software" in the "Overview"

  • Resource Orchestrator agent
For SBC servers operating on physical servers
  • ServerView Agents for Windows

    For details, refer to the following.

    [Virtual Edition]

    "Table 6.35 Agent [Windows] [Hyper-V]" in "6.1.1.4 Required Software" in the "Overview"

    [Cloud Edition]

    "Table 6.85 Agent [Windows]" in "6.1.2.4 Required Software" in the "Overview"

  • Resource Orchestrator agent

Required patches for Resource Orchestrator agents

For VM hosts
[Hyper-V]
  • Use Microsoft Update, etc. to apply the latest updates to Windows Server 2016 and Windows guest OSs.
  • For Windows guest OSs, update KB3063109 is required. Apply KB3063109 using Microsoft Update, etc.
  • It is necessary to install the latest available integration services on each VM guest OS.

Required hardware for Resource Orchestrator agents

For Virtual PCs
[VMware]

Operates on the following servers

  • VMware vSphere 6.0
  • VMware vSphere 6.5
  • VMware vSphere 6.7

For details, refer to the vSphere column in "Table 6.110 Required Hardware Conditions for Agents" in "6.2.1 All Editions" in the "Overview".

[Hyper-V]
  • A Fujitsu server on which Hyper-V on Windows Server 2016 will operate

    For details, refer to the Hyper-V column in "Table 6.110 Required Hardware Conditions for Agents" in "6.2.1 All Editions" in the "Overview".

[Citrix Xen]
  • A server on which Citrix XenServer 7.1 LTSR or Citrix XenServer 7.2 will operate
For SBC servers operating on physical servers
  • PRIMERGY RX servers
Basic software for thin clients
  • Necessary when using virtual PCs.
    • Citrix XenDesktop (R)
    • Citrix Virtual Apps and Desktops(R) 7 1808
  • In the above versions, it is possible to enable notification of quarantining.
    • Citrix Virtual Apps and Desktops(R) 7 1808
    • Citrix XenDesktop(R) 7 - 7.18
  • Necessary when using either of the following environments:
    • Citrix XenApp (R)
    • Citrix Virtual Apps(R) 7 1808
      SBC servers deployed on VM hosts
      [VMware]

      SBC servers deployed on VMware vSphere (VMware ESXi)

      [Hyper-V]

      SBC servers deployed on Hyper-V on Windows Server 2016

      [Citrix Xen]

      SBC servers deployed on Citrix XenServer

      SBC servers deployed on physical servers

      In the above versions, it is possible to enable notification of quarantining.

      • Citrix Virtual Apps(R) 7 1808

      • Citrix XenApp(R) 7.5 - 7.18

[VMware] Virtual NICs for VM guests

The following virtual NICs are supported:

  • E1000e
  • E1000
  • VMXNET3

Basic software for VM guests and physical L-Servers

[Trend Micro OfficeScan]
  • OSs supported by OfficeScan 11.0 agents or OfficeScan XG agents
[McAfee]
  • OSs supported by McAfee Agent and McAfee Endpoint Security
[Symantec]
  • OSs supported by Symantec Endpoint Protection agents

Point

To perform the quarantining process, the infrastructure administrator needs to know the user ID and password for the OS administrator of each VM guest and physical L-Server.

Required software for VM guests and physical L-Servers

[Trend Micro OfficeScan]
  • OfficeScan 11.0 agents or OfficeScan XG agents
[McAfee]
  • McAfee Agent and McAfee Endpoint Security
[Symantec]
  • Symantec Endpoint Protection Agents

Required hardware for physical L-Servers

  • L2 switches

For details, refer to the following in the "Overview".

[Virtual Edition]
"Table 6.111 Supported Network Devices" in "6.2.2 Virtual Edition"
[Cloud Edition]
"Table 6.114 Supported Network Devices" in "6.2.3 Cloud Edition"
PreviousNext
Copyright 2017-2020 FUJITSU LIMITED