Advanced policy management does not support hierarchical host groups. If your PMD architecture contains hierarchical PMDBs, you must flatten your PMD hierarchy during the migration process.
When you flatten the PMD hierarchy, you migrate each PMDB separately. During the migration CA ControlMinder creates a host group for each PMDB in the hierarchical environment and adds each endpoint to all the host groups that correspond to the PMDBs to which it was subscribed.
To migrate hierarchical PMDBs
Example: Migrate Hierarchical PMDBs
The following diagram shows an example of a PMD environment with hierarchical PMDBs.
In this example, the PMDBs pm_aix and pm_solaris are subscribers of the PMDB whole_world. All IBM AIX endpoints are subscribers of pm_aix. All Sun Solaris endpoints are subscribers of pm_sol. Effectively, all endpoints are subscribers of whole_world.
When you migrate this PMD environment to an advanced policy management environment, you do the following:
CA ControlMinder creates the whole_world host group. All endpoints are members of this host group.
CA ControlMinder creates the pm_aix host group. IBM AIX endpoints are members of this host group.
CA ControlMinder creates the pm_sol host group. Sun Solaris endpoints are members of this host group.
Note: In a PMD environment, if you apply a filter file to the pm_aix PMDB, the filter file may prevent the rules that you deploy from the whole_world PMDB from reaching the IBM AIX endpoints. In an advanced policy management environment, the IBM AIX endpoints are members of the whole_world host group. All the rules that you deploy to the whole_world host group are deployed to all the endpoints without filtering. You should be aware of this changed behavior when you deploy rules in an advanced policy management environment.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|