Reference Guide
Table Of Contents
- OpenManage Integration for Microsoft System Center Version 7.3 for Microsoft Endpoint Configuration Manager and System Center Virtual Machine Manager Security Configuration Guide
- Contents
- Tables
- PREFACE
- Security Quick Reference
- Product and Subsystem Security
- Miscellaneous Configuration and Management
Sensitive Data Migration
About this task
While migrating from old appliance the old data will be stored as backup file, the key-store and password will be exported as part
of backup procedure. While restoring the data on new appliance, the sensitive data will be re-encrypted using new encryption
key. For additional security, admin user provided password is used to protect the exported backup files.
Following are the steps to migrate data:
Steps
1. Backup the OMIMSSC appliance data using Admin portal. Backup data will be stored on CIFS share. CIFS share can be
accessed by authorised personnel only.
2. Restore the data on the new OMIMSSC appliance.
Cryptography
OMIMSSC uses cryptography for the following components:
● Access control
● Authentication
● Digital signatures
Manage HTTPS certificate
OMIMSSC uses x.509 PKI standard based certificates for secure HTTP access (HTTPS).
By default, OMIMSSC installs and uses the self-signed certificate for the HTTPS secure transactions.
For stronger security, it is recommended to use the Certificate Authority (CA) or Enterprise CA (internal) signed certificates.
The self-signed certificate is sufficient to establish an encrypted channel between web browsers and the server. The self-signed
certificate cannot be used for authentication.
You can use the following types of certificates for OMIMSSC authentication:
● A self-signed certificate
OMIMSSC generates self-signed certificates when the hostname of the appliance configured.
● A certificate that is signed by a trusted certificate authority (CA) vendor.
Update certificates for registered OMIMSSC servers
About this task
The OMIMSSC uses OpenSSL API to create the Certificate Signing Request (CSR) by using the RSA encryption standard with a
2048-bit key length.
The CSR generated by OMIMSSC gets a digitally signed certificate from a trusted certification authority (CA). The OMIMSSC
uses the digital certificate to enable HTTPS on the web server for secure communication. You can upload CA signed certificate
using admin portal.
For more information about HTTPS certificate management in OMIMSSC,, see the OpenManage Integration for Microsoft
System Center Version 7.3 for Microsoft Endpoint Configuration Manager and System Center Virtual Machine Manager 7.3
User`s Guide available at https://www.dell.com/support.
20
Product and Subsystem Security