SSH Tectia

Managing Initial Configuration Blocks (ICBs)

ICB is a configuration file required by the Management Agent. It contains parameters for the initial connection to the Management Server. The ICB is created by the Management Server and should be delivered to the managed host along with the Management Agent.

You may have multiple ICBs for different host groups or purposes, and it is possible to set the default groups for the hosts using a certain ICB.

The ICB is only required for the initial connection, after which the Management Agent builds a new configuration for itself. The ICB on the managed host is deleted after the router.dat configuration file is created.

The ICB contains information for:

  • ICB identification (Identification)

  • the Management Server to connect to (Uplink0Host)

  • the management connection port to be used (Uplink0Port, default is 17235)

  • (optional) in each host view, a host group where this host should be grouped in the administration interface

The ICB contains sensitive information, such as agent authentication credentials, and should be transferred to the target host using secure methods. However, the authentication data is automatically changed when the host connects to the Management Server. An ICB can only be used to add new hosts to the Management Server.

On managed AIX, HP-UX, Linux, and Solaris hosts, the default location where the Management Agent searches for the ICB is:

/var/opt/ssh-mgmt/agent/icb.dat

On Windows, the default location is:

C:\Program Files\SSH Communications Security\SSH Tectia Manager\icb.dat

ICBs are managed on the Manage ICBs page of the administration interface. To access the page, click Hosts → Manage ICBs on the menu. On this page, Valid ICBs and Expired ICBs are shown under separate tabs.

Managing ICBs

Figure 4.1. Managing ICBs