VMware vCenter Configuration Manager Security Guide vCenter Configuration Manager 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
VCM Security Guide You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com © 2006–2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.
Contents About This Book 7 Introduction to VCM Security 9 VCM Security Environment VCM Components How Personnel Use VCM Trust Zones System Guidelines Across Zones 9 9 11 12 12 Domain Infrastructure Using VCM to Manage Infrastructure Zone Systems Infrastructure Zone Machine Group Domain Controller Microsoft Domain Controller Hardening Guidelines Domain Controller Diagnostic Tests Network Infrastructure Services Network Infrastructure Systems Domain Accounts Carefully Assigning Accounts VCM Application
VCM Security Guide Using VCM to Manage the SQL Server Having a SQL Server Machine Group in VCM Microsoft SQL Server Best Practices and Hardening Tests Direct SQL Server Login Login Accounts for SQL Server Restrict Access to Configuration Tools Delegation for Split Installations Do Not Connect from Outside the Server Zone Web Server 31 Using VCM to Manage the Web Server Having a Web Server Machine Group in VCM Using Windows Integrated Authentication Using HTTPS Web Server Certificates Mutual Authenticati
Contents VMware Software Publisher Certificate FIPS Cryptographic Service Providers Running Anti-virus and Anti-rootkit Tools Software Provisioning Components Separating and Securing the Software Provisioning Zone Software Publishers and Software Signing Protection of Repositories Connecting to Repositories Software Provisioning Credentials Operating System Provisioning Components Separating and Securing the OS Provisioning Zone Dedicating a Server to Operating System Provisioning Closing Unnecessary Por
VCM Security Guide Mark a Certificate as Authorized on Windows Creating Certificates Using Makecert Create the Enterprise Certificate and First Collector Certificate Create Certificates for Additional Collectors Importing Certificates for Additional Collectors Makecert Options Update the Collector Certificate Thumbprint in the VCM Database Managing the VCM UNIX Agent Certificate Store Using CSI_ManageCertificateStore Supplemental References Cryptography FIPS for Windows FIPS Used by VCM Agent Proxies Expo
About This Book The VMware vCenter Configuration Manager Security Guide describes how to harden vCenter Configuration Manager (VCM) for secure use. Parts of this document describe assumptions made in the design and operation of VCM. For example, the guarantees regarding VCM logins assume that the domain controller for each user is trusted. Other parts of this document describe specific, nondefault hardening requirements that you must apply.
VCM Security Guide environment. To access information about education classes, certification programs, and consulting services, go to http://www.vmware.com/services. 8 VMware, Inc.
Introduction to VCM Security 1 To understand VCM security requirements, familiarize yourself with the overall security environment, VCM components, VCM personnel roles, and trust zones. VCM Security Environment VCM operates in the context of a security environment, which involves system configuration, personnel and usage assumptions, organizational security policies, and best practices.
VCM Security Guide n Collector service that processes requests and receives results n SQL Server database that stores results and application control information n Internet Information Services (IIS) Web server that hosts the UI Web application and accepts work requests n Browser-based user interface (UI) that renders in Internet Explorer (IE) on user desktops n Agents that inspect managed machines and return results in response to requests In some installations, optional components might also be
Introduction to VCM Security Figure 1–1. VCM Components and Zones CAUTION Any system that participates in your VCM environment can contain sensitive data, or it can hold authentication keys that can grant access to sensitive data on other systems. Never reuse or dispose of VCM systems without proper decommissioning as described in "Decommissioning" on page 53. As shown, a combination of VCM services can share one system.
VCM Security Guide n VCM users and administrators log in to VCM and use its Web interface to administer managed machines using the Agents, run compliance tests, and generate reports. VCM administrators, users, or managed machine administrators can install, upgrade, and uninstall Agents. Trust Zones Conceptually, VCM components are organized into trust zones.
Introduction to VCM Security Requirement Infrastructure Zone Server Zone UI Zone Agent Zone Access to machine configuration settings is restricted. X X X X Routine backups, patches, and virus scanning are performed. X X X X The provisioning zone is not listed in the table. For provisioning details, see "Software Provisioning Components" on page 45 or "Operating System Provisioning Components" on page 49 . VMware, Inc.
VCM Security Guide 14 VMware, Inc.
Domain Infrastructure 2 Securing the domain infrastructure for use with VCM involves configuring the domain controller, network infrastructure services, network infrastructure systems, certificates, accounts, and personnel. Using VCM to Manage Infrastructure Zone Systems After you install VCM, your first course of action should be to manage infrastructure zone systems in VCM and subject them to assessment.
VCM Security Guide Microsoft Domain Controller Hardening Guidelines To secure the domain controller for use with VCM, start by following Microsoft domain controller hardening guidelines, available for various server versions on the Microsoft Web site. The Microsoft guidelines are more comprehensive than the compliance templates and need to be followed even if you are managing the domain controller with VCM.
Domain Infrastructure Carefully Assigning Accounts As an enterprise-wide configuration management and compliance tool, VCM can collect, correlate, and change system data on managed machines throughout the enterprise. VCM can configure security policies, collect and aggregate confidential information, install software and patches, and generally act as an administrator interface over an entire network.
VCM Security Guide VCM cannot control access to data after it is exported in these ways. When data must be exported, personnel must protect the exported files while stored or in transit to other sites. 18 VMware, Inc.
VCM Installation Kits 3 Like the systems on which VCM runs, the software installation kits for VCM must be secured and protected from tampering. Sources for Installation Kits Secure operation of VCM requires that its product software kit not be tampered with and that it is intact as delivered by VMware. The best practice is to ensure that each kit is obtained directly from VMware, from another secure and trusted source, or that it is verified.
VCM Security Guide Unknown Software Publisher Warnings Do not ignore unknown software publisher warnings during ClickOnce installations unless the publisher is VMware. When you install ClickOnce software through the VCM user interface, Internet Explorer warns you when the software comes from an untrusted publisher. An untrusted publisher can be anyone, even a company that you recognize. The warning means only that the certificate is not in the trusted software publisher certificate store.
Server Zone Security 4 Address the following security environment guidelines for all systems in the server zone, including the VCM Collector, SQL Server host, and Web server. These three functions might reside all on one system, or they might be distributed across two or three. Be sure to apply the security settings in this chapter to all the systems that are used. Server zone systems must be treated and managed with security measures that are consistent with those used for the infrastructure zone.
VCM Security Guide General Security Guidelines for VCM Servers In the server zone, VCM systems store and manipulate the collected data and change requests for every managed machine.
Server Zone Security Dedicating a Server to VCM VCM relies on the server operating system to protect the confidentiality, integrity, and availability of server zone data from other services or users that run on the VCM server zone systems. When server zone systems are used for purposes other than VCM, the risk of granting unintended access to VCM data exists if those services or users have server administrator rights.
VCM Security Guide The Microsoft CSPs that ship with Windows 2000, 2003, XP, Vista, Windows 7, and Server 2008 meet the FIPS 140–2 standard. Do not delete, replace, or supplement these packages with non-FIPS cryptography. All systems in this zone are Microsoft Windows-based.
VCM Collector Server 5 The following sections describe security and hardening guidelines that are unique to the VCM Collector function by itself. The Collector might be the same machine as the one that hosts the database or the Web server, or it might be a standalone system. Using VCM to Manage the Collector Server After you install VCM, use it to manage the Collector server itself, subject it to assessment, and maintain its integrity.
VCM Security Guide 26 VMware, Inc.
SQL Server 6 The following sections describe security and hardening guidelines that are unique to the system where Microsoft SQL Server and your databases are installed. The database machine might be the same one as the VCM Collector, or it might be a separate machine if you are running a split VCM installation. Using VCM to Manage the SQL Server After you install VCM, use it to manage the SQL Server system, subject it to assessment, and maintain its integrity.
VCM Security Guide n SQL Server 2005 Best Practices Analyzer Tool n SQL Server 2008 R2 Best Practices Analyzer Tool A secure installation of VCM pays particular attention to the Security Best Practices items regarding patching, physical security, service packs, and firewalls. See the following references, available from the Microsoft Web site.
SQL Server For secure operation of VCM, configure for delegation. With private login, the VCM Web service maintains a copy of the VCM user's login credentials, which presents a security risk. Do Not Connect from Outside the Server Zone Prevent connections to the VCM SQL Server database from outside the server zone. Even authorized VCM users must not connect directly to the database from remote locations. A firewall is one means of preventing these connections.
VCM Security Guide 30 VMware, Inc.
Web Server 7 This chapter describes security and hardening guidelines that are unique to the Web server system where Microsoft Internet Information Service (IIS) is installed and from which the VCM Web console is served. The Web server machine might be the same one as the VCM Collector, or it might be a separate system if you are running a split VCM installation.
VCM Security Guide Use Integrated Windows Authentication (IWA) with this directory by setting the IIS metabase property NTAuthenticationProviders to the string 'Negotiate,NTML', which is the default value. As a VCM administrator, set this value at the /VCM virtual directory to prevent subsequent modifications to the IIS metabase from unintentionally overriding the default value.
VCM Agent Systems and Managed Machines 8 This chapter describes security and hardening guidelines for what is possibly the largest part of your security environment, the enterprise-wide body of managed machines that you monitor through VCM. The VCM Agent is the software that is installed on each managed machine to collect configuration information and securely return it to the VCM Collector.
VCM Security Guide Restricting Access to Scripting Grant access to script authoring, remote commands, content authoring, and import and export only to VCM administrators. VCM role-based access controls protect the confidentiality and integrity of data from any user interface or API actions, but not from scripts written by users. Malicious VCM scripts, remote commands, compliance rules, or imported content can bypass the VCM role-based access controls.
VCM Agent Systems and Managed Machines Use physical (possession, locks) or cryptographic (encrypted file system) means to maintain continuous control. Unauthorized Agents The managed machine administrator must not allow unauthorized Agents to run, even when the Agent is an authentic one. An Agent can be installed using an authentic installation kit, but still not be authorized to return data. For example, it can be a nonadministrator's private Agent.
VCM Security Guide Trusted Certificate Store The Agent validates up to two certificates while authenticating and authorizing a Collector: a root certificate and an Enterprise certificate. During VCM installation, the customer can create a single, selfsigned certificate to serve as both root and Enterprise certificate, or point to a root certificate from an external public key infrastructure. In either case, the root certificate is stored in the managed machine's trusted certificate store.
VCM Agent Systems and Managed Machines Individual Collection Results Trust individual collection results to be only as valid as their source. Data collected by VCM is returned by the Agent that runs on the managed machine. Although the Agent should be protected from tampering by nonadministrator users, it is ultimately subject to modification and tampering by the machine administrator or a malware infection. For this reason, do not trust the collected data more than the integrity of the data source.
VCM Security Guide 38 VMware, Inc.
VCM User Interface System 9 The VCM Web Console runs in Internet Explorer and connects to the VCM Web application served by IIS. Because VCM users also browse the Internet using Internet Explorer, VCM requires security measures to protect users of the VCM browser interface from spoofing and cross-site scripting attacks. Using VCM to Manage the UI System After you install VCM, your first course of action should be to manage user interface systems in VCM and subject them to assessment.
VCM Security Guide Access Control The security environment for machines in the user interface zone is less strict than in the server zone. User interface machines are not required to be protected by firewalls or isolated from the Internet.
VCM User Interface System Public Access Points Do not run the VCM user interface from public systems or from public Internet access points like kiosks or Internet cafés. Network traffic between the VCM user interface and VCM Web server is encrypted and mutually authenticated. In spite of the safeguards, running VCM across the open Internet suggests that the VCM user interface system is also being used for general Internet browsing and purposes other than configuration management.
VCM Security Guide To add the VCM Web server to the Internet Explorer trusted zone, see the instructions in the VCM Installation Guide. Removing Untrusted Systems Do not allow untrustworthy systems to remain in the Internet Explorer trusted zone with the VCM Web server. This step isolates the VCM Web site from untrusted sites and helps reduce the risk of cross-site scripting attacks.
VCM User Interface System NOTE Initially, Internet Explorer asks you to review the details of self-signed certificates. It treats selfsigned certificates as suspicious until you add them to the trusted store. Trusted SSL certificates are those that are issued by members of the Microsoft Root Certificate Program, listed on the Microsoft Web site.
VCM Security Guide 44 VMware, Inc.
Software Provisioning Components 10 A software package is composed of the files and scripts necessary to install and remove programs. VCM software provisioning supports software that is installed using technologies such as MSI and EXE packages. The VCM software provisioning components are Package Studio, Package Manager, and software package repositories.
VCM Security Guide Separating and Securing the Software Provisioning Zone Make the software provisioning zone network a private network. Use a separate, dedicated network interface to connect the software provisioning server with its provisioning zone network. For more information about private network interfaces, see the VCM Installation Guide. Restrict access to the software provisioning zone to personnel who are trusted to install software and act as network administrators.
Software Provisioning Components Software Provisioning Credentials Normally, VCM does not store customer credentials on a managed machine. During software provisioning though, the Network Authority credentials are temporarily stored and used to authorize package installation, uninstallation, user access control (UAC), access to network repositories, restart, or resume activities.
VCM Security Guide 48 VMware, Inc.
Operating System Provisioning Components 11 VCM operating system provisioning deploys operating system images to targets that are started over the network. The target machine uses a PXE startup process to contact a DHCP server that identifies the OS Provisioning Server as the source of a bootable image, referred to as a distribution.
VCM Security Guide Separating and Securing the OS Provisioning Zone Make the operating system provisioning zone network a private network. Use a separate, dedicated network interface to connect the OS Provisioning Server with its provisioning zone network. For more information about private network interfaces, see the VCM Administration Guide. Restrict access to the operating system provisioning zone to personnel who are trusted to install operating systems and act as network administrators.
Operating System Provisioning Components To mitigate this risk, use one or more of the following techniques: n Use operating system provisioning only across a secure network. After a machine is provisioned, it can then be transferred to a less secure network and used like any other managed machine. n Do not join machines to domains during operating system provisioning activities.
VCM Security Guide 52 VMware, Inc.
Decommissioning 12 Systems where VCM was installed contain private keys, sensitive credentials, and collection results. Properly decommission such machines before disposing of them or using them for another purpose. Erasing versus Deleting For VCM decommissioning, full erasure involves more than deleting files. After you transfer any sensitive data to retain, follow best practices to completely remove confidential data.
VCM Security Guide Besides being difficult to copy securely, copying a private key presents the risk of sharing it with more than one machine, a configuration that is unsupported. Always generate a distinct key for each Collector during the installation process. Because TLS mutual authentication is used by default, the process of installing the Agent also creates a distinct key for each Agent.
Decommissioning Always trace the origin of your virtual machines backward and forward so that you find all systems that contain confidential data or keys. VMware, Inc.
VCM Security Guide 56 VMware, Inc.
Authentication 13 This chapter describes the VCM authentication and certificate structure. To understand these concepts, you must have some familiarity with secure authentication and certificates. Transport Layer Security Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide endpoint authentication and secure communication over any transport.
VCM Security Guide Using Single or Paired Keys Encryption usually uses one of the following approaches: n Single key (symmetric) algorithms rely on a single key that both encrypts and decrypts the information. A single key must always be kept secret. n Paired keys (asymmetric) are slower but use one key to encrypt and the other to decrypt. Either key can encrypt, then the other decrypts.
Authentication Certificate Expiration and Revocation Because keys can be compromised and circumstances can change, keys and certificates are not designed for indefinite use. Certificates are created for a finite period of validity, before and after which they must not be used or trusted. If a certificate expires without being renewed or replaced, it cannot be used to establish a TLS session. You can revoke certificates to indicate the withdrawal of trust, even before they expire.
VCM Security Guide n An Enterprise certificate n One or more Collectors, each with a certificate n An Agent certificate for each managed machine, for mutual authentication VCM Agents and Collectors trust each other when their respective certificates are issued by the same Enterprise certificate. To view information regarding your Enterprise and Collector certificates, click Administration, and select Certificates.
Authentication Figure 13–2. Shared Collector-Agent Relationship To properly support the trust chain, mutual authentication, and multiple Collector environments, Enterprise certificates in VCM must have the following properties: n Must be able to sign certificate requests. n Can be self-signed. If the certificate is self-signed, it is assumed that you trust it. The trust is implemented by placing the certificate in the Trusted Root store (Windows) or in the VCM store (UNIX).
VCM Security Guide Authorized Certificates in the Trust Chain Agents maintain a store of trusted certificates used for authenticating Collectors. When a Collector sends its certificate to the Agent during the TLS handshake, the Agent verifies the trust chain from the Collector certificate back to a trust root, such as the Enterprise certificate. VCM 5.5 extends the trust process to require that at least one of the certificates in the chain be marked as authorized to communicate with the Agent.
Authentication First Contact When a Collector first contacts an Agent, the Agent determines whether the Agent already has a certificate and private key pair. If the Agent does not have a certificate and private key pair, it generates a self-signed certificate and private key. The Agent stores these in its own certificate storage area, the Microsoft store on Windows or the VCM certificate store on UNIX. Next, the Agent certificate is sent to the Collector as part of the TLS handshake.
VCM Security Guide n Collector certificate. Local machine personal system store n Enterprise certificate. Local machine trusted root system store The private key of the Enterprise certificate does not need to be stored on the Collector. To create your own certificates in advance of VCM installation, see "Collector Certificate" on page 61 for requirements, or see "Creating Certificates Using Makecert" on page 70 to create certificates without full PKI support.
Authentication This renewal process only works for Collector certificates stored in the Agent certificate store. In mutual authentication in the other direction, Agent certificates do not have an automated renewal capability at the Collector certificate store. Replacing Certificates The only way to ensure the authenticity of a new root or trusted certificate is to receive it from a secure and trusted source.
VCM Security Guide Replace Only the Collector Certificate After VCM installation, you can replace the certificates generated or selected during installation. To replace only the Collector certificate, follow these steps. 1. Create or obtain a new Collector certificate (and associated private key) that is signed by the Enterprise certificate. To create a Collector certificate using the Makecert certificate creation tool, see "Creating Certificates Using Makecert" on page 70. 2.
Authentication Installing on Windows with CMAgtInstall.exe The CMAgtInstall.exe installer executable file does not contain certificates for Agents. Instead, CMAgtInstall.exe requests the location of your VCM certificate, so you must have it preloaded on the managed machine before installing. To do so, copy the certificate file with the .pem extension from the CollectorData folder of the Collector. NOTE The same guidelines apply if you are installing from an MSI installer.
VCM Security Guide Storing and Transporting Certificates A certificate contains the public half of a key pair, identifying information, and an authenticating signature. Although none of this information is confidential, you must ensure and maintain the authenticity of certificates that you distribute so that untrustworthy certificates are never used inadvertently. You can store a certificate in a format that includes the private key.
Authentication If you are exporting the private key, store the file to a secure folder. 9. Type a name for the certificate file and click Save. 10. Click Next. 11. Review your settings and click Finish. Import a Certificate on Windows A computer might have file associations that allow you to click the certificate file to import it to the store for the current user.
VCM Security Guide Prerequisites n Open the certificate store. See "Access the Windows Certificate Store" on page 68. n Import the certificate into the Agent machine. See "Import a Certificate on Windows" on page 69. Procedure 1. Open a text editor. You need a blank page on which to temporarily paste some long values. 2. Browse to the store and certificate, right-click, and select Open. 3. Select the Details tab. 4. In the list of fields, select Subject. 5.
Authentication Create the Enterprise Certificate and First Collector Certificate In this process, the Enterprise and first Collector systems are the same machine. See "Makecert Options" on page 72 for details about the command-line switches used here. 1. Type the following command to create the CM Enterprise certificate: makecert -pe -n "" -ss Root -sr LocalMachine -r -sky exchange -sk "" -b mm/dd/yyyy -e mm/dd/yyyy -len 1024 -h 2 -cy authority -eku 1.3.6.1.5.5.7.
VCM Security Guide Example makecert -pe -n "CN=CM Collector Certificate BBBBBB" -sky exchange -sv "CM Collector BBBBBB.pvk" -b 04/07/2008 -e 04/07/2018 -len 1024 -in "CM Enterprise Certificate AAAAAA" -is Root -ir LocalMachine -cy authority eku 1.3.6.1.5.5.7.3.1 "CM Collector BBBBBB.pem" 2. Type the following command to convert the x509 certificate file to a file-based certificate store in the named SPC file. cert2spc .cer .
Authentication NOTE VCM programmatically uses a long GUID, represented by AAAAAA or BBBBBB, to ensure that a name is unique. You do not need a long GUID in a manual process though. Any unique identifier is sufficient. Table 13–1. Makecert Command-Line Options Option Description -b, -e Specify begin and end dates. Choose appropriate dates, or omit them. You cannot enter a time with the date. The time is always assumed to be 12:00 AM GMT.
VCM Security Guide Option Description the VCM installer have the form: "CN=VMware VCM Collector Certificate AAAAAA, T=VMware VCM Certificate 7529006C-222F-4EBF-A7E7-F6AB15DB626F, O=" n CN: Generic name based on a GUID generated for each set of certificates created. Required. n T: Static field identifying VCM generated certificates and is the same for all generated certificates. Optional. n OU: Static field. Optional. n O: Contains the customer name identified in the license file.
Authentication use update ecm_sysdat_configuration_values set configuration_value = upper(replace( 'xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx' ,' ','')) where configuration_name='config_security_certificate_fingerprint' Managing the VCM UNIX Agent Certificate Store The VCM UNIX Agent certificate store is a protected data storage area that holds Enterprise and Collector certificates for server authentication, and the Agent certificate and private key for mut
VCM Security Guide CSI_ManageCertificateStore Options The following printout of the CSI_ManageCertificateStore manpage is useful in understanding the CSI_ ManageCertificateStore command options. # CSI_ManageCertificateStore -? Usage: /opt/CMAgent/CFC/3.
Authentication CSI_ManageCertificateStore -d -f filename or CSI_ManageCertificateStore -d -g fingerprint Delete existing certificates from the certificate store: CSI_ManageCertificateStore -d -s subject Delete all existing certificates from the certificate store: CSI_ManageCertificateStore -d -a Display an existing certificate from the certificate store: CSI_ManageCertificateStore -l -f filename or CSI_ManageCertificateStore -l -g fingerprint Display existing certificates from the certificate store: CSI_Ma
VCM Security Guide By default, the -l option for listing certificates causes all certificates in the store to be listed. This behavior can be modified by specifying options that narrow the requested results. For example, -g fingerprint always limits the action to the single matching certificate. # CSI_ManageCertificateStore -l Certificate: Fingerprint: 1C564431B9B28DC4D24BB920FD98B539FF57C0C2 Common Name: testca1.VMware.com Subject : CN = testca1.VMware.
Authentication Inserting Certificate: Fingerprint: 0041AB5ECF869E1D6A38389A6B834D5768932397 Common Name: Enterprise Certificate 2CA82018-20E1-4487-8A02-DA7A2CFD4304 Subject : O =VMware, Inc., OU = VMware vCenter Configuration Manager, title = VCM Certificate 7529006C-222F-4EBF-A7E7-F6AB15DB626F, CN = Enterprise Certificate 2CA82018-20E1-4487-8A02-DA7A2CFD4304 Export Certificates from the Store By default, the -e option for exporting certificates causes all certificates in the store to be exported.
VCM Security Guide 80 VMware, Inc.
14 Supplemental References This chapter provides reference information about VCM and its security implementation. Cryptography If your organization must conform to the Federal Information Processing Standards (FIPS) for cryptography, use the standards that VCM supports. FIPS for Windows For the following Windows platforms, VCM uses the Microsoft CryptoAPI and the Microsoft Cryptographic Service Providers (CSPs), which is included with Microsoft Windows. Table 14–1.
VCM Security Guide Operating System Version Hardware Platform FIPS Module Certificate Windows 2000 All x86 103 Windows 2008 1 x86 and 64-bit; Itanium is not supported. See "Cryptographic RSA Enhanced Validated Modules" on page 82 and "Cryptographic DSS Enhanced Validated Modules" on page 82.
Supplemental References DSSENH Validated Operating Systems Validated Versions FIPS Certificate # FIPS Version Validated Windows 2000 SP2 5.0.2195.2228 #103 140–1 Windows 2000 SP3 5.0.2195.3665 #103 140–1 Windows XP 5.1.2518.0 #240 140–1 Windows XP SP2 5.1.2600.2133 #240 140–1 Windows XP Professional SP3 5.1.2600.5507 #990 140–2 Vista Ultimate Edition 6.0.6000.16386 #894 140–2 Vista Ultimate Edition SP1 6.0.6001.18000 #1003 140–2 Windows Server 2008 6.0.6001.
VCM Security Guide OpenSSL-FIPS, OpenSSL, libssh2 n Communication protocols; such as TCP, Telnet, X.25, IEEE 802.11, IEEE 802.16, or SIP: Communication takes place over TCP/IP within encrypted channels using Microsoft DCOM, SSL, or TLS (SSL v3.1+). The following protocols are used within or to construct the channels: TCP UDP HTTP FTP TFTP DHCP SNMP n Encryption protocols; such as SSL, TSL, SSH, IPSEC, IKE, SRTP, ECCN, MD5, SHA, X.
Supplemental References VMware, Inc.
VCM Security Guide 86 VMware, Inc.
Index A access UI zone machines accounts domain granted agent certificate install installation manual installation one per machine provisioning installation UNIX certificate store UNIX/Linux installation zone agent proxy FIPS asset classes attacks cross-site cross-site scripting authentication server authorized certificate 35 40 40 17 59, 62 66 33 67 35 67 75 67 12 83 33 42 41 57 62, 69, 76 B backups baseline OS images best practices firewalls patching physical security service packs SQL Server SQL Serve
VCM Security Guide network infrastructure hosts services F FIPS agent proxy Windows hardware firewall SQL Server Foundation Checker 83 81 O 28 23 OS images OS provisioning output, certificate store 81 53 50 16 42 32 I IE trusted zone untrusted machines Web host IIS metabase property, string import, certificate infrastructure zone installation after system checks agent Agent kits kits, protected single-server single server split configuration 42 42 31 69 12 23 67 33 19 19 28 11 28 47 M machine con
Index machine managed machines no direct connection trusted software services network infrastructure signed packages software ClickOnce packages provisioning provisioning extensions repository unknown publisher split installation trusted zone SSRS reports require HTTPS standards certificates store certificate system checks system configuration files 23 23 28 23, 42 16 46 20 45 45 47 45 20 28 42 W Web browser preparation Web Service private login requires HTTPS Web site root Windows integrated authenticat
VCM Security Guide 90 VMware, Inc.
