Table of Contents
Advertisement
Infrastructure: Consists of domain controllers (DCs), routers, SMTP, DNS, and other infrastructural items.
l
User Interface (UI): Consists of VCM user desktops.
l
Server: Consists of the Collector service, VCM Remote service, IIS, web application, SQL Server, Orches-
l
trator, and Agent proxy.
Agent: Each managed machine, software provisioning repository, and alternate source resides in an Agent
l
zone. There may be multiple Agent zones.
Domain administrators manage the infrastructure, UI and server zones. Each Agent zone is controlled by a local zone
administrator. This is often the managed machine or repository administrator
This partitioning allows us to understand trust between VCM components on a more granular level than DC domains.
A trust boundary separates each zone. Machines and services in one zone distrust those in another without either
special configuration or authentication. Special configuration establishes implicit trust. Authentication engenders trust
between components lacking implicit trust. When an entire zone trusts another, this means that every VCM
component in the first zone implicitly trusts every component in the second. If two machines are in the same zone, it
does not mean that they trust each other, rather it means that they are not required to distrust each other by default.
Once VCM is installed, the UI and Agent zones trust the infrastructure and server zone. On the other hand, the server
zone completely trusts only the infrastructure; it does not trust the UI zone except as a source of UI commands from
VCM users that were authenticated by the infrastructure. The server zone also trusts the Agent zone as a source for
Agent data but not to provide data or implement change that would affect other Agents or VCM configuration.
These trust zones and boundaries are pedagogical tools, and are not visible in the features of the VCM product. The
trust zones have no relationship to the zones in IE.
vCenter Configuration Manager Security Environment Requirements
TECHNICAL WHITE PAPER / 8
Advertisement
Table of Contents
Related Manuals for VMware VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
Related Products for VMware VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE CONTENT REPOSITORY TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - VCENTER DISCOVERED MACHINES IMPORT TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE REQUIEREMENTS GUIDE
- VMWARE VCM 5.3 - RECOVERY GUIDE
- VMware VC-SRM4-A - vCenter Site Recovery Manager
- VMware VC-VLM4-C - vCenter Lab Manager
- VMWARE VCENTER SERVER 4.0 - UPGRADE GUIDE UPDATE 1
- VMWARE VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION