5.6
Table Of Contents
- VMware vCenter Configuration Manager Security Guide
- Contents
- About This Book
- Introduction to VCM Security
- Domain Infrastructure
- VCM Installation Kits
- Server Zone Security
- VCM Collector Server
- SQL Server
- Web Server
- VCM Agent Systems and Managed Machines
- VCM User Interface System
- Software Provisioning Components
- Operating System Provisioning Components
- Decommissioning
- Authentication
- Transport Layer Security
- Keys and Certificates
- How VCM Uses Certificates
- Installing Certificates for the VCM Collector
- Changing Certificates
- Delivering Initial Certificates to Agents
- Storing and Transporting Certificates
- Mark a Certificate as Authorized on Windows
- Creating Certificates Using Makecert
- Update the Collector Certificate Thumbprint in the VCM Database
- Managing the VCM UNIX Agent Certificate Store
- Supplemental References
- Index
Individual CollectionResults
Trust individual collectionresults to be only as valid as their source.
Data collected by VCM is returned by the Agent that runs on the managed machine. Although the Agent
should be protected from tampering by nonadministrator users, it is ultimately subject to modification and
tampering by the machine administrator or a malware infection.
For this reason, do not trust the collected data more than the integrity of the data source. Base your
decisions on aggregate values rather than on individual collection results. For example, consider the
number of machines that have a vulnerability rather than the compliance state of a specific machine.
VCM Agent Systems and Managed Machines
VMware, Inc.
37