Reference Guide
Table Of Contents
- Dell EMC OpenManage Integration Version 7.3 with Microsoft System Center (OMIMSSC) for System Center Operations Manager (SCOM) Security Configuration Guide
- Contents
- Figures
- Tables
- PREFACE
- Security Quick Reference
- Product and Subsystem Security
- Security Controls Map
- Authentication
- Login security settings
- Authentication types and setup considerations
- User and credential management
- Network security
- Data security
- Cryptography
- Auditing and logging
- Serviceability
- OMIMSSC Operating System update
- Product code integrity
- Miscellaneous Configuration and Management
Sensitive Data Migration
While migrating from old appliance, the old data will be stored as backup file, the key-store and password will be exported
as part of backup procedure. While restoring the data on new appliance, the sensitive data will be re-encrypted using new
encryption key. For additional security, admin user provides password to protect the exported backup files.
Following are the steps to migrate data:
1. Backup the OMIMSSC appliance data using Admin portal. Backup data will be stored on CIFS share. CIFS share can be
accessed by authorized personnel only.
2. Restore the data on the new OMIMSSC appliance.
Cryptography
OMIMSSC uses cryptography for the following components:
● Access control
● Authentication
● Digital signatures
Manage HTTPS certificate
OMIMSSC uses x.509 PKI standard based certificates for secure HTTP access (HTTPS).
By default, OMIMSSC installs and uses the self-signed certificate for the HTTPS secure transactions.
For stronger security, it is recommended to use the Certificate Authority (CA) or Enterprise CA signed certificates.
The self-signed certificate is sufficient to establish an encrypted channel between web browsers and the server. The self-signed
certificate cannot be used for authentication.
You can use the following types of certificates for OMIMSSC authentication:
● A self-signed certificate
OMIMSSC generates self-signed certificates when the hostname of the appliance is configured.
● A certificate that is signed by a trusted certificate authority (CA) vendor.
Update certificates for registered OMIMSSC servers
About this task
The OMIMSSC uses OpenSSL API to create the Certificate Signing Request (CSR) by using the RSA encryption standard with a
2048-bit key length.
The CSR generated by OMIMSSC gets a digitally signed certificate from a trusted certification authority (CA). The OMIMSSC
uses the digital certificate to enable HTTPS on the web server for secure communication. You can upload CA signed certificate
using admin portal.
For more information about HTTPS certificate management in OMIMSSC, see Dell EMC OpenManage Integration with
Microsoft System Center (OMIMSSC) for System Center Operations Manager (SCOM) User's Guide available at https://
www.dell.com/support.
Auditing and logging
Appliance logs
Appliance logs display all OMIMSSC Appliance-specific log messages such as restarting OMIMSSC appliance. You can view this
category of messages only from OMIMSSC Admin Portal.
For more information on specific logs and filters, see Jobs and Log Center section in OMIMSSC for SCOM User's Guide.
Product and Subsystem Security
21