Sql Server Preparation; Follow Microsoft Sql Server Configuration Best Practices; Use Delegation With A Vcm Split Installation; Protect Sql Server From Connections Originating Outside The Server Zone - VMware VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS Configuration
Vcenter configuration manager security environment requirements
Table of Contents
Advertisement
vCenter Configuration Manager Security Environment Requirements
9.0 SQL Server Preparation
9.1 Follow Microsoft SQL Server configuration best practices
Microsoft provides both guidelines and an auditing tool that ensure the secure installation and operation of SQL Server.
11
12
13
These are available for SQL Server 2000
, 2005
, and 2008
.
14
Also, a secure installation of VCM pays particular attention to the Security Best Practices
items regarding patching,
physical security, service packs, and firewalls.
9.2 Use delegation with a VCM split installation
Figure 1 illustrates the default single-server installation of VCM. The product also operates in a split-server installation
where the SQL Server database runs on a different host than that of the Collector and web services. This split
configuration is available from VMware support. When using the split configuration, the web service can either use a
private login to the SQL Server or the system can be configured to delegate the VCM user's credentials to the web
service for use with SQL Server. Secure operation of VCM requires use of delegation.
9.3 Protect SQL Server from connections originating outside the server zone
Connections to VCM's SQL Server database from outside the server zone must be prevented. Even authorized VCM
users should not connect directly to the database from remote locations. A firewall is one means of accomplishing
this.10 The general technique is to block TCP port 1433 and UDP port 1434.
9.4 Forbid direct SQL Server login by VCM users
Even from within the server zone, regular VCM users must not directly connect to the VCM database using tools like
the Query Analyzer. Such connections bypass the administrative safeguards afforded by the VCM UI.
TECHNICAL WHITE PAPER / 20
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for VMware VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
Related Products for VMware VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE CONTENT REPOSITORY TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - VCENTER DISCOVERED MACHINES IMPORT TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE REQUIEREMENTS GUIDE
- VMWARE VCM 5.3 - RECOVERY GUIDE
- VMware VC-SRM4-A - vCenter Site Recovery Manager
- VMware VC-VLM4-C - vCenter Lab Manager
- VMWARE VCENTER SERVER 4.0 - UPGRADE GUIDE UPDATE 1
- VMWARE VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
Need help?
Do you have a question about the VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS and is the answer not in the manual?
Questions and answers