Reference Guide
Table Of Contents
- OpenManage Integration for Microsoft System Center Version 7.3 for Microsoft Endpoint Configuration Manager and System Center Virtual Machine Manager Security Configuration Guide
- Contents
- Tables
- PREFACE
- Security Quick Reference
- Product and Subsystem Security
- Miscellaneous Configuration and Management
Table 5. Ports OMIMSSC uses as client (continued)
Port Number Protocols Port Type Source Direction Destination Usage Description
2049 NFS TCP/UDP OMIMSSC
Appliance
Out OMIMSSC
Appliance
Public Share NFS public
share that is
exposed by
OMIMSSC
appliance to
the managed
nodes and
used in
firmware
update and
operating
system
deployment
flows.
5985, 5986 HTTP/HTTPS TCP/UDP OMIMSSC
Appliance
Out Managed
Node Host
OS
PowerShell
Connectivity
between
Appliance and
Microsoft
System
Center
consoles
Appliance
connect to
Host OS of
MECM and
SCVMM.
Data security
The data that is maintained by OMIMSSC is stored and secured in internal databases within the appliance and it cannot be
accessed from outside. OMIMSSC use AES-256 based encryption for data security.
The data in transit is protected using HTTPS protocol
Data at rest encryption
This section describe capabilities for data-at-rest encryption in OMIMSSC. The sensitive data is stored in encrypted format in
the database. AES encryption algorithm is used with 256 key size.
OMIMSSC have encryption key management in place as described below.
Generate Encryption Key
OMIMSSC support appliance unique encryption key. Each appliance generates a new key during appliance boot up sequence.
Access controls are in place to protect encryption key, key-store, and password.
Change Encryption Key
Encryption key can be changed in by performing change password for admin account. Similarly new encryption key will be used
when appliance restored from one version to higher version.
For more information, see Change OMIMSSC appliance admin password.
Product and Subsystem Security
19