Using a remote HMC
A remote HMC gives the most complete set of functions because it is a complete HMC. Only the process of configuring the managed objects is different from a local HMC.
As a complete HMC, a remote HMC has the same setup and maintenance requirements as a local Hardware Management Console. A remote HMC needs LAN TCP/IP connectivity to each managed object (service processor) that is to be managed; therefore, any customer firewall that might exist between the remote HMC and its managed objects must allow the HMC to service processor communications to occur. A remote HMC might also need communication with another HMC for service and support. Table 1 shows the ports that a remote HMC uses for communications.
| Port | Use |
|---|---|
| udp 9900 | HMC to HMC discovery |
| tcp 9920 | HMC to HMC commands |
A remote HMC needs connectivity to IBM® (or another HMC that has connectivity to IBM) for service and support. The connectivity to IBM might be in the form of access to the internet (through a company firewall).
Performance and the availability of the status information and access to the control functions of the service processor depends on the reliability, availability, and responsiveness of the customer network that interconnects the remote HMC with the managed object. A remote HMC monitors the connection to each service processor and attempts to recover any lost connections and can report those connections that cannot be recovered.
Security for a remote HMC is provided by the HMC user-login procedures in the same way as a local HMC. As with a local HMC, all communication between a remote HMC and each service processor is encrypted. Certificates for secure communications are provided, and can be changed by the user if wanted.
TCP/IP access to the remote HMC is controlled through its internally managed firewall and is limited to HMC-related functions.