User`s guide
Table Of Contents
- VMware vCenter Configuration ManagerInstallation and Getting Started Guide
- About This Book
- Preparing for Installation
- Installation Manager
- Installation Configurations
- Tools Installation
- General Prerequisites to Install VCM
- Verify Hardware and Software Requirements
- Verify Administration Rights
- Set the Default Network Authority Account
- Specify the Collector Services Account
- Change the Collector Services Account Password in the Services Management Con...
- Change the Collector Services Account Password in the Component Services DCOM...
- Verify the VMware Application Services Account
- Determine the VCM Remote Virtual Directory
- Use Secure Communications Certificates
- Understand Server Authentication
- Verify the Foundation Checker System Checks
- Install UNIX Patch for HP-UX 11.11
- VCM Uses FIPS Cryptography
- Installing VCM
- Installing, Configuring, and Upgrading the OS Provisioning Server and Components
- Upgrading or Migrating VCM
- Upgrades
- Migrations
- Prerequisites to Migrate VCM
- Back Up Your Databases
- Back up Your Files
- Export and Back up Your Certificates
- Migrating VCM
- Migrate Only Your Database
- Replace Your Existing 32-Bit Environment with a Supported 64-bit Environment
- Migrate a 32-bit Environment Running VCM 5.3 or Earlier to VCM 5.4.1
- Migrate a 64-bit Environment Running VCM 5.3 or Earlier to VCM 5.4.1
- Migrate a Split Installation of VCM 5.3 or Earlier to a Single-Server Install...
- How to Recover Your Collector Machine if the Migration is not Successful
- Upgrading VCM and Components
- Maintaining VCM After Installation
- Getting Started with VCM Components and Tools
- Getting Started with VCM
- Discover, License, and Install Windows Machines
- Discover, License, and Install Windows Machines
- Verify Available Domains
- Check the Network Authority
- Assign Network Authority Accounts
- Discover Windows Machines
- License Windows Machines
- Disable User Account Control for VCM Agent Installation
- Install the VCM Windows Agent on Your Windows Machines
- Enable UAC After VCM Agent Installation
- Collect Windows Data
- Windows Collection Results
- Getting Started with Windows Custom Information
- Discover, License, and Install UNIX/Linux Machines
- Discover, License, and Install Mac OS X Machines
- Discover, Configure, and Collect Oracle Data from UNIX Machines
- Customize VCM for your Environment
- How to Set Up and Use VCM Auditing
- Discover, License, and Install Windows Machines
- Getting Started with VCM for Virtualization
- Getting Started with VCM Remote
- Getting Started with VCM Patching
- Getting Started with Operating System Provisioning
- Getting Started with Software Provisioning
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Getting Started with VCM Management Extensions for Assets
- Getting Started with VCM Service Desk Integration
- Getting Started with VCM for Active Directory
- Installing and Getting Started with VCM Tools
- Index
n
FIPS 140-2: Security Requirements for Cryptographic Modules
n
FIPS 46-3: Data Encryption Standard (DES)
n
FIPS 81: DES Modes of Operation
n
FIPS 113: Computer Data Authentication
n
FIPS 171: Key Management
n
FIPS 180-1: Secure Hash Standard (SHA-1)
n
FIPS 186-2: Digital Signature Standard (DSA) and Random Number Generation (RNG)
n
FIPS 198: Message Authentication Codes (MACs) using SHA-1
n
FIPS 197: Advanced Encryption Standard (AES) Cipher
n
FIPS 200: Federal Information Security Management Act (FISMA)
n
SP 800-2: Public Key Cryptography (including RSA)
n
SP 800-20: Triple DES Encryption (3DES) Cipher
VCM Uses Microsoft Cryptographic Service Providers for Windows
Machines
On Windows machines, VCM uses cryptography using the Microsoft CryptoAPI, which is a framework
that dispatches to Microsoft Cryptographic Service Providers (CSPs). CSPs are not shipped with VCM or
installed by VCM, but instead are part of the security environment that is included with Microsoft
Windows. In the configurations supported by VCM, these CSPs are FIPS 140-2 validated.
For a current table of FIPS certificate numbers, see the FIPS 140 Evaluation in the online Microsoft Library.
Cryptography for UNIX/Linux Platforms
On UNIX/Linux platforms, the VCM Agent uses the cryptography of the OpenSSL v0.9.7 module. This
cryptographic library is installed with the VCM Agent.
Cryptography used in VCM Software Components
VCM uses software components that also use cryptography.
n
Microsoft IIS, Internet Explorer, and SChannel (SSL/TLS) systems call the CryptoAPI, and therefore use
the Windows FIPS-validated modules.
n
VCM for Virtualization uses ActiveX COM components from WeOnlyDo! Software (WOD) for SSH and
SFTP services.
n
WOD uses the FIPS 140-2 compliant OpenSSL library.
System
Platform
Open
SSLFIPS 1.1.2
Open
SSLFIPS 1.1.1
Open
SSLCrypt 0.9.7
Crypto++ Crypto
API
UI Windows Used
VCMServer Windows Installed Used
Virt Proxy Windows Installed Used
AD Agent Windows Used
Win Agent Windows Used
Table 1–1. Installed or Used Crytography Modules
Preparing for Installation
VMware, Inc. 17