Installation guide
Trusted Certificate Store
The Agent validates up to two certificates while authenticating and authorizing a Collector: a root
certificate and an Enterprise certificate. During VCM installation, the customer can create a single,
self-signed certificate to serve as both root and Enterprise certificate, or point to a root certificate from an
external public key infrastructure. In either case, the root certificate is stored in the managed machine's
trusted certificate store.
CAUTION Certificates, whether used by VCM or not, must not be placed in the trusted certificate
store unless they originate from a trustworthy certificate authority.
Customer-generated Enterprise certificates are assumed to be trustworthy. To verify the trustworthiness
of other certificates, look for the issuer's membership in the Microsoft Root Certificate Authority Program,
available from the Microsoft Web site. The site also describes admission criteria for the program.
Protecting Private Keys
Protect the Agent private keys from tampering, unauthorized replacement, or disclosure. Disclosure of or
tampering with a private key threatens confidentiality.
Protecting Authorized Collector Certificates
Any system that possesses the private key corresponding to an authorized Collector certificate can
communicate with Agents and send software packages and patches. To guard against this security risk,
protect the inventory of authorized Collector certificates from tampering.
Securing Machine Backups that Contain Keys
The Agent private key authenticates the Agent to VCM servers. You must secure any backup copies and
snapshots of machines that contain the Agent private key.
An unsecured Agent private key can be used to return false data to VCM servers that have not revoked
that Agent enrollment.
NOTE If the Agent is to be decommissioned permanently, its private key must be destroyed everywhere,
including on any backups or virtual machine snapshots. See "Decommissioning" on page 53.
Enterprise Certificate
The Agent only sends collection results to authorized Collectors. To be authorized, the Collector certificate
must be signed by the Enterprise certificate authority and stored in the authorized Collector certificate list
on the Agent.
The initial Enterprise certificate is shipped with the Agent installation, but that certificate can be replaced.
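The two authorization conditions described above (signed by the Enterprise certificate authority, and present in the authorized Collector certificate list) can be illustrated with OpenSSL. This is an added example, not VCM code or a VCM procedure: the certificate names, the one-fingerprint-per-line allowlist file, and the is_authorized function are assumptions made for the illustration.

```sh
#!/bin/sh
# Added illustration, not VCM code. Names, subjects and file layout are constructed.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: self-signed certificate serving as root and Enterprise certificate.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# make_collector NAME CA: Collector certificate signed by the named CA.
make_collector() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/$2.pem" -CAkey "$WORK/$2.key" \
        -CAcreateserial -days 1 -out "$WORK/$1.pem" 2>/dev/null
}

# fingerprint CERT: SHA-256 fingerprint, the allowlist key assumed in this example.
fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# is_authorized CERT ENTERPRISE_CERT ALLOWLIST: succeeds only if both conditions hold.
is_authorized() {
    # Condition 1: the certificate chains to the Enterprise certificate.
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1 || return 1
    # Condition 2: the certificate is on the authorized Collector list.
    grep -qxF "$(fingerprint "$1")" "$3"
}

make_ca enterprise
make_ca other
make_collector collector-a enterprise   # signed and listed
make_collector collector-b enterprise   # signed, not listed
make_collector unsigned-c other         # listed, but signed by a different CA

ALLOW="$WORK/authorized_collectors.txt"
{ fingerprint "$WORK/collector-a.pem"; fingerprint "$WORK/unsigned-c.pem"; } > "$ALLOW"

for c in collector-a collector-b unsigned-c; do
    if is_authorized "$WORK/$c.pem" "$WORK/enterprise.pem" "$ALLOW"; then
        echo "$c: authorized"
    else
        echo "$c: rejected"
    fi
done
```

Only collector-a passes: an entry in the list does not help a certificate the Enterprise certificate did not sign, and a valid signature does not help a certificate that is missing from the list.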
Trustworthiness of Data
The security of each managed machine determines the degree to which data that originates from that
machine can be trusted.
Managed machines might have less stringent security requirements, depending on where they are. Data
collected from a less secure machine that is connected to the Internet is not as reliable as data collected
from an infrastructure system that is isolated within a company network.
VCM Security Guide
VMware, Inc.