Sign In
Upload
Manuals
Brands
VMWARE Manuals
Software
VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
VMWARE VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS Manuals
Manuals and User Guides for VMWARE VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS. We have
1
VMWARE VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS manual available for free PDF download: Configuration
VMWARE VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS Configuration (32 pages)
vCenter Configuration Manager Security Environment Requirements
Brand:
VMWARE
| Category:
Software
| Size: 0.81 MB
Table of Contents
Table of Contents
2
1 Introduction to the Security Environment of VCM
5
2 Background Concepts
6
3 Secure Domain Infrastructure
9
Domain Controller Is Trusted
9
Network Infrastructure Is Secure
9
Network Infrastructure Services Are Available
9
Trusted' Certificates, Certificate Authorities, and Certificate Servers Are Trusted
9
Network Infrastructure Hosts Are at Least as Secure as VCM
10
4 Hosting Environment
11
VCM Servers Are Secured and Managed Like Network Infrastructure
11
UI Zone Machines Should be Subject to Access Controls
11
Data Originating from a Managed Machine Is no more Trustworthy than the Machine
12
Server Zone Machine Dedicated to VCM
12
5 Personnel Selection and Training
13
VCM Accounts Are Granted to Users Who Are Trusted, Trained, and Qualified as System and Net- Work Administrators
13
VCM Users Are Advised to Treat Direct Login Prompts to VCM with Skepticism and Caution
13
VCM Users Must Protect Collected Data as Confidential Information
13
Trust Individual Collection Results no more than Their Source
13
Beware of Cross-Site Scripting Attacks
14
Exported Data Is Outside the Control of VCM
14
6 Host Preparation and Management
15
VCM Hosts Pass Foundation Checker Checks
15
Cryptographic Service Providers Are FIPS-140 Certified
15
SQL Server Best Practices Are Followed
16
Only Trusted Software Should be Installed in the Server Zone
16
Perform Routine Backups, Patches, and Virus Scanning
16
7 Safeguarding Installation Kits
17
VCM Installation Kits Are Obtained from Vmware or Secure Sources
17
VCM Installation Kits Are Protected from Tampering or Verified
17
Unknown Software Publisher Warnings During Clickonce Installations Are Not Dismissed Unless the Publisher Is Vmware
18
Automatic Upgrade of the VCM Remote Client Is Not Used to Install Software
18
8 IIS Preparation
19
IIS Set to Use Windows Integrated Authentication for the VCM Web Site Root
19
VCM Web Service Uses HTTPS
19
SSL/HTTPS Certificate Issued by Trusted CA or Self Issued
19
9 SQL Server Preparation
20
Follow Microsoft SQL Server Configuration Best Practices
20
Use Delegation with a VCM Split Installation
20
Protect SQL Server from Connections Originating Outside the Server Zone
20
Forbid Direct SQL Server Login by VCM Users
20
10 Web Browser Preparation
21
Place the VCM Web Host in the IE Trusted Zone
21
Verify the VCM Web Host's HTTPS Certificate
21
Verify the VCM Software Publisher Certificate
21
Remove Untrusted Machines from the IE Trusted Zone
21
Customize Internet Explorer's Trusted Zone Internet Security Options
22
11 Agent Installation and Maintenance
23
File and Directory Access Controls Prevent Tampering
23
Access Control on Machine Configuration Prevents Tampering
23
The Agent Is Available for Collection
23
The Trusted Certificate Store Contains Reputable Certificates
24
The Enterprise Certificate Authorized Collection
24
Unauthorized (Private) Agents Are Not Allowed
24
Continuous Possession and Control of the Agent
24
12 Software Provisioning Components
25
All Published Packages Are Signed by Trusted Parties
26
Protect Repositories
26
Accept Only Reputable Software Package Publishers
26
Configure Only Trusted Sources over Secure Channels
26
Take Precautions When Using VCM Software Provisioning Extensions
26
13 Proper Decommissioning
28
An Installation of VCM Is Properly Decommissioned before Its Hardware Is Repurposed or Retired
28
Collector and Agent Private Keys Used for TLS Are Not Copied between Machines
28
Enterprise Certificate Private Key and IIS (for HTTPS) Host Private Keys Are Transferred Manually
29
Server Zone Hosts Have Their Disks Removed and Transferred, Secured, or Erased before Decommissioning
29
Agent Private Keys Are Erased at Agent Install
29
Unused Network Authority Accounts Are Disabled or Removed
29
References
30
Advertisement
Advertisement
Related Products
VMWARE VCM 5.3 - RECOVERY GUIDE
VMWARE VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
VMWARE VCM 5.3
VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE CONTENT REPOSITORY TOOL GUIDE
VMWARE VCENTER CONFIGURATION MANAGER 5.3 - VCENTER DISCOVERED MACHINES IMPORT TOOL GUIDE
VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE REQUIEREMENTS GUIDE
VMware VC-SRM4-A - vCenter Site Recovery Manager
VMware VC-VLM4-C - vCenter Lab Manager
VMWARE VCENTER SERVER 4.0 - UPGRADE GUIDE UPDATE 1
VMWARE VCENTER CAPACITYIQ 1.5
VMWARE Categories
Software
Network Hardware
Switch
Storage
More VMWARE Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL