5.7
Table Of Contents
- VMware vCenter Configuration Manager Security Guide
- Contents
- About This Book
- Introduction to VCM Security
- Domain Infrastructure
- VCM Installation Kits
- Server Zone Security
- VCM Collector Server
- SQL Server
- Web Server
- VCM Agent Systems and Managed Machines
- VCM User Interface System
- Software Provisioning Components
- Operating System Provisioning Components
- Decommissioning
- Authentication
- Transport Layer Security
- Keys and Certificates
- How VCM Uses Certificates
- Installing Certificates for the VCM Collector
- Changing Certificates
- Delivering Initial Certificates to Agents
- Storing and Transporting Certificates
- Mark a Certificate as Authorized on Windows
- Creating Certificates Using Makecert
- Update the Collector Certificate Thumbprint in the VCM Database
- Managing the VCM UNIX Agent Certificate Store
- Supplemental References
- Index
Figure 1–1. VCMComponents and Zones
CAUTION Any system that participates in your VCM environment can contain sensitive data, or it
can hold authentication keys that can grant access to sensitive data on other systems. Never reuse or
dispose of VCM systems without proper decommissioning as described in "Decommissioning" on
page 53.
As shown, a combination of VCM services can share one system. In a single-machine installation, the
Collector, SQL Server, IIS Web server, and Web application are installed on one system. Optional split
installation configurations support running the SQL Server and database on a separate system and the IIS
Web server on a separate system.
How Personnel Use VCM
Different personnel use the features of VCM.
Introduction to VCM Security
VMware, Inc.
11