5.7
Table Of Contents
- VMware vCenter Configuration Manager Security Guide
- Contents
- About This Book
- Introduction to VCM Security
- Domain Infrastructure
- VCM Installation Kits
- Server Zone Security
- VCM Collector Server
- SQL Server
- Web Server
- VCM Agent Systems and Managed Machines
- VCM User Interface System
- Software Provisioning Components
- Operating System Provisioning Components
- Decommissioning
- Authentication
- Transport Layer Security
- Keys and Certificates
- How VCM Uses Certificates
- Installing Certificates for the VCM Collector
- Changing Certificates
- Delivering Initial Certificates to Agents
- Storing and Transporting Certificates
- Mark a Certificate as Authorized on Windows
- Creating Certificates Using Makecert
- Update the Collector Certificate Thumbprint in the VCM Database
- Managing the VCM UNIX Agent Certificate Store
- Supplemental References
- Index
Requirement Infrastructure
Zone
Server
Zone
UI
Zone
Agent
Zone
Cryptographic service providers are FIPS-140
validated.
X X
Only trusted software is installed in the zone. X X X
Access to machine configuration settings is
restricted.
X X X X
Routine backups, patches, and virus scanning are
performed.
X X X X
Table 1–1. Zones and Requirements
The provisioning zone is not listed in the table. For provisioning details, see "Software Provisioning
Components" on page 45 or "Operating System Provisioning Components" on page 49 .
Introduction to VCM Security
VMware, Inc.
13