Installation guide
Restricting Access to Scripting
Grant access to script authoring, remote commands, content authoring, and import and export only to
VCM administrators.
VCM role-based access controls protect the confidentiality and integrity of data from any user interface or
API actions, but not from scripts written by users. Malicious VCM scripts, remote commands, compliance
rules, or imported content can bypass the VCM role-based access controls.
By default, only VCM administrators should have access to these functions. The VMware vCenter
Configuration Manager Hardening - Host compliance template can report on any nonadministrators
who have access to them.
Users Who Are Not Local Administrators
Local machine administrators delegate administrator control of managed machines to VCM. In turn, VCM
delegates administrator access to VCM users. The result is that VCM users can effectively be
administrators regardless of whether they are registered as a local machine administrator in Active
Directory or in the local machine administrator group.
To account for and disclose the existence of these "effective" administrators, register the VCM users as local
machine administrators on the machines that they manage. That way, an examination of the local machine
administrator list correctly reveals all users who have administrator rights.
The VMware vCenter Configuration Manager Hardening - Host compliance template can report VCM
users who are not local administrators of the machines that they manage.
VCM Agent
Address the following security guidelines regarding the VCM Agent that is installed on managed
machines.
Agent Installation Directory
The Agent executable code, collection results, and credentials are stored in files in the Agent installation
directory. Configure this directory and its contents so that an administrator account owns it and
nonadministrators are denied read or modification access.
The integrity of Agent files and the integrity and confidentiality of collected data are at risk if
nonadministrators can access the Agent files and directories.
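One way to check this on a UNIX-like managed machine, as an added example that is not VMware's code: the function walks a directory tree and reports every entry that is not owned by an administrator account or that grants any group or other permission. The function name, the default administrator uid of 0, and the strict owner-only policy are assumptions; the caller supplies the actual Agent installation path, and POSIX ACLs are not examined.

```python
import os
import stat
import tempfile

def audit_agent_dir(root, admin_uids=frozenset({0})):
    """Return sorted (path, problem) pairs for entries under root that are
    not administrator-owned or that grant any group/other permission."""
    findings = []

    def check(path):
        st = os.lstat(path)  # lstat: inspect a symlink itself, not its target
        if st.st_uid not in admin_uids:
            findings.append((path, "owned by uid %d" % st.st_uid))
        if stat.S_ISLNK(st.st_mode):
            return  # permission bits on a symlink are not meaningful
        extra = stat.S_IMODE(st.st_mode) & 0o077
        if extra:
            findings.append((path, "group/other bits %03o" % extra))

    check(root)
    # os.walk does not follow symlinks, so the audit stays inside root.
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return sorted(findings)

if __name__ == "__main__":
    # Constructed sample tree; the current user stands in for the administrator.
    demo = tempfile.mkdtemp(prefix="agent-demo-")
    for name, mode in (("agent.key", 0o600), ("results.dat", 0o644)):
        path = os.path.join(demo, name)
        open(path, "w").close()
        os.chmod(path, mode)
    for path, problem in audit_agent_dir(demo, {os.getuid()}):
        print(path, "->", problem)
```

An empty result means every entry under the directory is administrator-owned and closed to group and other users.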
Agent Availability
The Agent operates in response to requests from the Collector service. VCM does not require the Agent
to be available at all times, but it must be at least periodically available for the collection of timely data to
occur.
The security environment must guarantee that the Agent is not permanently disabled or disconnected
from network access or from connection requests by the Collector. The security environment must also
maintain the network infrastructure required for Agent-Collector communication.
Continuous Possession and Control of the Agent
An administrator must maintain possession and control of any system where the Agent is installed. Even
the temporary loss of possession of an Agent risks exposure of its private keys, regardless of whether
confidentiality appears to have been preserved.
VCM Security Guide
VMware, Inc.