Installation guide
Access Control
The security environment for machines in the user interface zone is less strict than in the server zone. User
interface machines are not required to be protected by firewalls or isolated from the Internet. In spite of
the less strict conditions, you must still implement the following measures for these machines:
- Run operating systems that meet the Controlled Access Protection Profile (CAPP) or General Purpose
  Operating System Protection Profile (GPOSPP), described on the Common Criteria Evaluation and
  Validation Scheme Web site.
- Patch them to the current security level.
- Run anti-virus software.
Disabling Automatic Login
Systems that run the VCM user interface must require mandatory login.
Automatic login is a convenience that logs a specific Windows user into a machine after the machine
finishes restarting. Because it bypasses the access control that the login prompt provides, always disable
automatic Windows login on the VCM user interface system.
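One way to verify this setting on a VCM user interface machine, shown as an added example that is not part of the VCM guide or VMware tooling. It reads the standard Windows Winlogon registry values (AutoAdminLogon, DefaultUserName, DefaultDomainName, DefaultPassword); the function names Get-AutoLogonState and Disable-AutoLogon are hypothetical, and the script assumes it runs in an elevated PowerShell session.

```powershell
# Added example: audit (and optionally disable) Windows automatic logon.
# Function names are hypothetical; the registry key and value names are
# the standard Winlogon settings used by Windows automatic logon.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-AutoLogonState {
    param([string]$Path = $WinlogonKey)

    $props = Get-ItemProperty -Path $Path -ErrorAction Stop
    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        # AutoAdminLogon is a string value; "1" means automatic logon is on.
        AutoLogonEnabled  = ("$($props.AutoAdminLogon)" -eq '1')
        DefaultUserName   = $props.DefaultUserName
        DefaultDomainName = $props.DefaultDomainName
        # A DefaultPassword value means a password is stored in clear text
        # in the registry, which is a finding even if auto logon is off.
        PlaintextPassword = ($null -ne $props.DefaultPassword)
    }
}

function Disable-AutoLogon {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string]$Path = $WinlogonKey)

    if ($PSCmdlet.ShouldProcess($Path, 'Set AutoAdminLogon=0 and remove DefaultPassword')) {
        Set-ItemProperty -Path $Path -Name AutoAdminLogon -Value '0' -Type String
        Remove-ItemProperty -Path $Path -Name DefaultPassword -ErrorAction SilentlyContinue
    }
}

$state = Get-AutoLogonState
$state | Format-List

if ($state.AutoLogonEnabled -or $state.PlaintextPassword) {
    Write-Warning "Automatic logon settings found on $($state.ComputerName)."
    # Preview the change first, then rerun without -WhatIf to apply it:
    Disable-AutoLogon -WhatIf
}
```

A password set with a tool that stores it as an LSA secret does not appear as DefaultPassword, so AutoLogonEnabled is the value to rely on for the check.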
Disabling Simultaneous Login
The VCM user interface machines must not allow users to simultaneously log in to VCM by running
multiple browser sessions, either on the same system or from different systems.
Simultaneous login sessions defeat the traceability of actions back to a specific VCM user and reduce
accountability.
Using Windows Credentials
To reduce susceptibility to spoofing attacks, do not allow VCM users to use a direct login to VCM. Instead,
have the Internet Explorer browser forward the VCM user interface system Windows login credentials, or
Run As or kinit credentials, to the VCM Web application. See "Customizing Internet Security Options" on
page 42.
Service Account Credentials
Do not log in to VCM with service account credentials. Logging in to VCM with a service account can lead
to unexpected or inconsistent behavior. Services using the same account as a logged-in user can modify the
logged-in user's current role or machine group, or log the user out of the system at inappropriate times.
Recognizing Direct Login Prompts
Because you log in to VCM by transmitting your Windows account credentials, treat direct VCM login
prompts in the browser with skepticism and caution.
When a user logs in to Windows using a domain account known to VCM, and connects to VCM, the
system authorizes the user by their Windows credentials rather than requiring them to explicitly log in to
VCM. Using the Windows login system resists spoofing and cross-site scripting attacks that exploit the
Internet Explorer browser.
VCM can support a separate, browser-based login when Windows credentials are either unavailable or
from a domain controller not trusted by VCM. However, the better practice is still to log in, or Run As,
using a domain account, configure Internet Explorer to transmit those credentials, and treat direct VCM
login prompts in the browser with skepticism and caution.
VCM Security Guide
40
VMware, Inc.