We set the communication options to outbound only, and HP support staff have to call our 24x7 operations if they want inbound connectivity. A reason/case and name have to be given and are logged. We don't use the Policy Manager, I know this software from another vendor (where you get it FOR FREE with the software needed for remote support), and I appreciate every second I don't have to use it. But it's nevertheless a shame that one has to pay for it with HP.
We used to use cpmaint to change it, but since 3.1.2, 3parcust is sufficient.
Quote:
I was royally pissed at first but our local guy showed us the level of logging done on the backend for remote access and it seemed more than sufficient to assure nobody is using it as a jumping off platform to get into our network.
afidel, could you share what you know about logging in the background? We asked out local support guys if we could extract some info from the logs on the SP (connection start, connection end, IP and/or user name from the one who connects, ...) but actually never got a satisfying answer...