Port scanner usage and known limitations with IBM Tivoli Monitoring
Oneil 20000003NT Comment (1) Visits (12897)
A port vulnerability scanner is an application designed to probe a server or host for open ports. Most scanners will run for a 30 minute period, assessing open ports on a host and then producing a report to identify potential security compromises on the enterprise system(s) scanned to the end user.
Running such a scan can sometimes cause unforeseen problems with already running applications, such as ITM.
This blog highlights the known issues and limitations of running a port scanner on an environment featuring ITM. The aim here is to assist you to plan your scans at appropriate times to minimize the effects on your ITM infrastructure.
The Tivoli Enterprise Monitoring Server (TEMS) may be affected and cause a brief interruption of service in a 3-5 minute window, when the scanner is actively reviewing the component's communication ports. Once the scan has completed on the ports in use by the TEMS, normal ITM operations will resume.
The following functions will fail even after the port scanner has completed, and will not work until both the TEMS & TEPS components are restarted...
For coexistent products such as JAZZ and Omnibus/TEC, please refer to the respective Support teams for their response on known limitations and recommendations
If port scanning in your environment is mandatory, please follow the recommendations below to maintain a running ITM infrastructure.