n
Domain administrators create the accounts and manage the infrastructure in which VCM runs. The
infrastructure includes domain controllers, routers, certificate servers, SMTP email servers, domain
name services (DNS), and dynamic host configuration protocol (DHCP) servers.
n
A VCM installer loads the VCM software and configures the Collector, SQL Server, IIS, and other
services. The installer is also the first VCM administrator and is responsible for authorizing other
administrators and regular VCM users from the inventory of accounts that the domain administrators
manage.
n
VCM users and administrators log in to VCM and use its Web interface to administer managed
machines using the Agents, run compliance tests, and generate reports. VCM administrators, users, or
managed machine administrators can install, upgrade, and uninstall Agents.
Trust Zones
Conceptually, VCM components are organized into trust zones. The zones and boundaries are for ease in
understanding VCM security and are not related to zones in Internet Explorer or your domain, nor are
they cited anywhere in the VCM user interface.
n
Infrastructure. Domain controllers, routers, SMTP servers, DNS servers, and other infrastructure items
n
User interface. VCM user desktops
n
Server. Collector service, SQL Server, IIS, Web application, Agent proxy, software provisioning
repository, VCM Remote service, and Orchestrator
n
Agent. Managed machines and alternative sources
Multiple Agent zones are supported.
n
Operating system provisioning. OS Provisioning Servers, provisionable targets, and the network
infrastructure that connects them
Domain administrators manage the infrastructure, user interface zone, and server zone. A local zone
administrator controls each Agent zone. This administrator is often the administrator of the managed
machine or repository.
The zones help you understand the trust between VCM components at a more detailed level than by
domain controller domains alone. A trust boundary separates each zone. Without special configuration or
authentication, the machines and services in one zone distrust the machines and services in another zone.
Special configuration can establish implicit trust, and authentication can establish trust between
components that are not configured for implicit trust.
When an entire zone trusts another zone, every VCM component in the first zone implicitly trusts every
component in the second zone. If two machines reside in the same zone, they do not necessarily trust each
other, but rather they are not required to distrust each other by default. After you install VCM, the user
interface and Agent zones trust the infrastructure and server zones.
The server zone trusts only the infrastructure zone, and does not trust the user interface zone except as a
source of user interface commands from VCM users authenticated by the infrastructure. The server zone
trusts the Agent zone as a source for Agent data, but not to provide data or implement change that would
affect other Agents or the VCM configuration.
System Guidelines Across Zones
There are certain security requirements in this document that apply across more than one zone. The
following table summarizes them in case you want to make these wider configuration changes in one pass
through your security environment.
VCM Security Guide
12
VMware, Inc.