VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION Guide d'installation télécharger pdf (Page 24)

The Microsoft CSPs that ship with Windows 2000, 2003, XP, Vista, Windows 7, and Server 2008 meet the

FIPS 140–2 standard. Do not delete, replace, or supplement these packages with non-FIPS cryptography.

All systems in this zone are Microsoft Windows-based. To view the list of installed cryptography

providers, run the following command:

C:\> certutil -csplist

Check your list against the National Institute of Standards and Technology (NIST) Computer Security

Resource Center (CSRC) Web site to verify that your modules are FIPS 140-validated.

VCM Security Guide

VMware, Inc.

1 2 ... 19 20 21 22 23 24 25 26 27 28 29 ... 89 90

Security Guide 1
Copyright 2
Contents 3
Web Server 31 4
VCM User Interface System 39 4
Decommissioning 53 5
Authentication 57 5
Supplemental References 81 6
Index 87 6
About This Book 7
VCM Security Guide 10
VMware, Inc 10
How Personnel Use VCM 11
Trust Zones 12
Introduction to VCM Security 13
Domain Infrastructure 15
Domain Accounts 16
Personnel Considerations 17
VCM Installation Kits 19
Server Zone Security 21
Protection Profiles 22
Physical Security 22
Disabling Automatic Login 22
VCM Collector Server 25
SQL Server 27
Direct SQL Server Login 28
Login Accounts for SQL Server 28
Web Server 31
Using HTTPS 32
Web Server Certificates 32
VCM Agent Systems and Managed 33
Machines 33
VCM Agent 34
Unauthorized Agents 35
Local Administrator Account 35
BIOS Password 35
Disabling Alternative Startup 35
Maintenance Mode 35
Trusted Certificate Store 36
Enterprise Certificate 36
Trustworthiness of Data 36
Individual CollectionResults 37
VCM User Interface System 39
Access Control 40
Cross-site Scripting 41
Trusted Software 42
Verifying Certificates 42
Protection of Repositories 46
Connecting to Repositories 46
Closing Unnecessary Ports 50
OS Provisioning Credentials 50
Decommissioning 53
Network Authority Accounts 54
Erasing Server Disks 54
Erasing Virtual Machines 54
Authentication 57
Using Single or Paired Keys 58
Certificates 58
Public Key Infrastructure 58
Trust Chains 58
How VCM Uses Certificates 59
Collector Certificate 61
Agent Certificates 62
First Contact 63
Changes to Agent Certificates 63
Changing Certificates 64
Replacing Certificates 65
Installing the Agent 66
Installing Using Provisioning 67
Makecert Options 72
Option Description 73
Environment Variables 75
Supplemental References 81
Export Considerations 83
VCM Ports 84
Port Transport Usage 85

Commentaires sur ces manuels

Pas de commentaire

VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION Guide d'installation Page 24

Commentaires sur ces manuels

Produits connexes et manuels pour Logiciel VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION