5.3

ManualsBrandsVMware ManualsApplicationsvCenter Configuration Manager

Table Of Contents

Copyright
About This Book
Preparing for Installation
- Using Installation Manager
- Understanding Installation Configurations
- Understanding Tools Installation
- Checking Prerequisites for Installation
- Understanding VCM's Use of FIPS Cryptography
Installing VCM Using Installation Manager
- Using the Installation Manager
  - Navigating VCM Installation Manager Screens
  - Installing VCM and the Related Components
Upgrading VCM and Related Components
- Prerequisites
  - Backup and Recovery
  - Assumptions for Upgrading Your VCM Collector and Database
- Upgrading to VCM 5.3
- Upgrading Existing Windows Agents
- Upgrading Existing Remote Clients
- Upgrading Existing UNIX Agents
  - To Upgrade the UNIX Agent(s) with a Local Package
  - To Upgrade the UNIX Agent(s) with a Remote Package
- Upgrading VCM for Virtualization
  - Upgrading an Agent Proxy Machine
  - Upgrading the vSphere Client VCM Plug-in
Getting Started with VCM Components and Tools
- Understanding User Access
- Launching and Logging Onto VCM
  - How to Launch VCM and Log On
- Getting Familiar with the Portal
- Where to Go Next
Getting Started with VCM
- Discover, License, and Install Windows Machines
- Discover, License, and Install UNIX/Linux Machines
- Discover, License, and Install Mac OS X Machines
- Discover, License, and Collect Oracle Data from UNIX Machines
- Customize VCM for your Environment
- How to Set Up and Use VCM Auditing
Getting Started with VCM for Virtualization
- Virtual Environment Configuration
- ESX 2.5/3.x,vSphere 4, and ESXi Servers Collections
- vCenter Server Collections
- Configuring Agent Proxy Virtualization Collections
- Configuring Agent Proxy Machines
- Configuring ESX/vSphere Servers
- Configuring Web Services for ESX/vSphere Server Communication
- Performing an Initial Virtualization Collection
- Exploring Virtualization Collection Results
- Configuring vCenter Server Data Collections
- About the vSphere Client VCM Plug-in
- Further Reading
Getting Started with VCM Remote
- Getting Started with VCM Remote
- Installing the VCM Remote Client
  - Installing the Remote Client manually
- Making VCM Aware of VCM Remote Clients
- Configuring VCM Remote Settings
  - Creating Custom Collection Filter Sets
  - Specifying Custom Filter Sets in the VCM Remote Settings
- Performing a Collection Using VCM Remote
- Exploring VCM Remote Collection Results
Getting Started with VCM Patching
- Getting Started with VCM Patching
- Getting Started with VCM Patching for Windows Machines
- Getting Started with VCM Patching for UNIX/Linux Machines
- Further Reading
Getting Started with Software Provisioning
- VMware vCenter Configuration Manager Package Studio
- Software Repository for Windows
- Package Manager for Windows
- Overview of Component Relationships
- Installing the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
  - Creating Packages
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Further Reading
Getting Started with VCM Management Extensions for Assets
- Getting Started with VCM Management Extensions for Assets
- Review Hardware and Software Configuration Item Fields
  - Modifying Hardware Configuration Item Fields
  - Modifying Software Configuration Item Fields
- Adding Hardware Configuration Items
  - Editing Values for Devices
  - Modifying Other Devices
- Adding Software Configuration Items
- Further Reading
Getting Started with VCM Service Desk Integration
- Getting Started with Service Desk Integration
- Service Desk Integration in the Console
- Service Desk Integration in Job Manager
- Further Reading
Getting Started with VCM for Active Directory
- Making VCM Aware of Domain Controllers
- Configuring VCM for Active Directory as an Additional Product
- Performing an Active Directory Data Collection
- Exploring Active Directory Collection Results
- Further Reading
Getting Started with VCM for SMS
- Getting Started with VCM for SMS
- Making VCM Aware of the SMS Servers
- Performing SMS Server Collections
- Performing SMS Client Collections
- Exploring SMS Collection Results
- Further Reading
Getting Started with Windows Server Update Services
- Getting Started with Windows Server Update Services
- Making VCM Aware of the WSUS Server
- Performing WSUS Server Collections
- Performing WSUS Client Collections
- Exploring WSUS Collection Results
  - Viewing WSUS Clients
  - Viewing WSUS Reports
- Further Reading
Accessing Additional Compliance Content
- Locating the Content Directory
- Launching the Content Wizard to Import Relevant Content
- Exploring Imported Content Results in the Portal
Installing and Getting Started with VCM Tools
- Installing the VCM Tools Only
- Foundation Checker
- VCM Job Manager Tool
- VCM Import/Export and Content Wizard (CW)
  - VCM Import/Export
  - Content Wizard
Maintaining VCM After Installation
- Customize VCM and Component-specific Settings
- Configure Database File Growth
- Configure Database Recovery Settings
- Create a Maintenance Plan for SQL Server 2005
- Incorporate the VCM CMDB into your Backup/Disaster Recovery Plans
Troubleshooting Problems with VCM
- Evaluating Missing UNIX Patch Assessment Results
- Resolving Reports and Node Summaries Problems
  - To Resolve the Problem
- Resolving Protected Storage Errors
  - To Resolve the Problem
- Resetting the Required Secure Channel (SSL)
- Resolving a Report Parameter Error
Configuring a Collector as an Agent Proxy
- Verifying Membership to CSI_COMM_PROXY_SVC on the Agent Proxy Machine
- Generating Key Pairs on the Agent Proxy Machine
- Uploading Keys to the Database
Index

For UNIX/Linux, each UNIX/Linux installation package is targeted for one or more supported platforms.

To install the UNIX/Linux Agent using a provisioning system, extract the installation package as

appropriate and then deploy the extracted file with the provisioning system. The Enterprise Certificate is

embedded in the installation package on the collector.

For more information about Installing the Agent on UNIX/Linux Machines and UNIX/Linux packages and

platforms, refer to section Installing the VCM Agent on UNIX/Linux Machines.

Understanding VCM's Use of FIPS Cryptography

Federal Information Processing Standards (FIPS) are developed by the US National Institute of Standards

(NIST) and the Canadian Communications Security Establishment (CSE). VCM incorporates cryptography

as set forth in the FIPS standards. Components of VCM use cryptography to protect the confidentiality,

integrity, availability, and authenticity of customer data. The FIPS standards require adherence by VCM to

the following standards:

FIPS 46-3: Data Encryption Standard (DES)

FIPS 81: DES Modes of Operation

FIPS 113: Computer Data Authentication

FIPS 171: Key Management

FIPS 180-1: Secure Hash Standard (SHA-1)

FIPS 186-2: Digital Signature Standard (DSA) and Random Number Generation (RNG)

FIPS 198: Message Authentication Codes (MACs) using SHA-1

FIPS 197: Advanced Encryption Standard (AES) Cipher

FIPS 200: Federal Information Security Management Act (FISMA)

SP 800-2: Public Key Cryptography (including RSA)

SP 800-20: Triple DES Encryption (3DES) Cipher

VCM’s Use of Microsoft Cryptographic Service Providers (CSPs) for

Windows Machines

On Windows machines, VCM uses cryptography by way of the Microsoft CryptoAPI, which is a

framework that dispatches to Microsoft Cryptographic Service Providers (CSPs). CSPs are not shipped

with VCM or installed by VCM, but instead are part of the security environment included with Microsoft

Windows. In the configurations supported by VCM, these CSPs are FIPS 140-2 validated.

Cryptography for UNIX/Linux Platforms

On UNIX/Linux platforms, the VCM Agent uses the cryptography of the OpenSSL v0.9.7 module. This

cryptographic library is installed with the VCM Agent.

Preparing for Installation

VMware, Inc. 17