Installation guide
Contents
Contents
About This Book 7
Introduction to VCM Security 9
VCM Security Environment 9
VCM Components 9
How Personnel Use VCM 11
Trust Zones 12
System Guidelines Across Zones 12
Domain Infrastructure 15
Using VCM to Manage Infrastructure Zone Systems 15
Infrastructure Zone Machine Group 15
Domain Controller 15
Microsoft Domain Controller Hardening Guidelines 16
Domain Controller Diagnostic Tests 16
Network Infrastructure Services 16
Network Infrastructure Systems 16
Domain Accounts 16
Carefully Assigning Accounts 17
VCM Application Services Account 17
Personnel Considerations 17
Confidentiality of Collected Data 17
Vulnerability of Exported Data 17
VCM Installation Kits 19
Sources for Installation Kits 19
Protecting Installation Kits 19
Unknown Software Publisher Warnings 20
Do Not Use VCM Remote to Install Other Software 20
Server Zone Security 21
Using VCM to Manage Server Zone Systems 21
Server Zone Administrator Role 21
Server Zone Auditor Role 21
General Security Guidelines for VCM Servers 22
Protection Profiles 22
Physical Security 22
Disabling Automatic Login 22
Dedicating a Server to VCM 23
Foundation Checker 23
Trusted Software 23
Routine Backup, Patching, and Virus Scanning 23
Authentication Certificates 23
FIPS Cryptographic Service Providers 23
VCM Collector Server 25
Using VCM to Manage the Collector Server 25
Having a Collector Machine Group in VCM 25
SQL Server 27
VMware, Inc.
3