VMware vSphere Replication Security Guide vSphere Replication 6.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2012–2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com
Contents
1 About VMware vSphere Replication Security Guide
Updated Information
2 vSphere Replication Security Reference
    Services, Ports, and External Interfaces that the vSphere Replication Virtual Appliance Uses
    vSphere Replication Configuration Files
    vSphere Replication Private Key, Certificate, and Keystore
    vSphere Replication License and EULA File
    vSphere Replication Log Files
    vSphere Replication User Accounts
    Security Updates and Patches for vSphere Replication
Index
1 About VMware vSphere Replication Security Guide
The VMware vSphere Replication Security Guide provides a concise reference to the security features of vSphere Replication. To help you protect your vSphere Replication installation, this guide describes security features built into vSphere Replication and the measures that you can take to safeguard it from attack.
Updated Information
This VMware vSphere Replication Security Guide is updated with each release of the product or when necessary. This table provides the update history of the VMware vSphere Replication Security Guide.

Revision       Description
EN-001758-01   Updated the information in topic “Security Updates and Patches for vSphere Replication,” on page 15.
EN-001758-00   Initial release.
2 vSphere Replication Security Reference
You can use the Security Reference to learn about the security features of vSphere Replication and the measures that you can take to safeguard your environment from attack.
Table 2‑1. vSphere Replication Services (Continued)

Service Name   Startup Type   Description
ntp            Automatic      Time service for syncing-up with Internet Time Server through Network Time Protocol.

Note: After you install or upgrade a vSphere Replication virtual appliance, you must synchronize the appliance with a time server.
Table 2‑2. Ports Used by the vSphere Replication Appliance (Continued)

Source                          Target                       Port   Protocol   Description
vSphere Replication appliance   vSphere Replication server   8123   SOAP       Intra-site management traffic from the vSphere Replication Management server to additional vSphere Replication servers in the environment.
When you create a connection to the cloud, the vCloud Tunneling Agent in the vSphere Replication appliance creates a tunnel to secure the transfer of replication data to your cloud organization. Table 2‑4.
vSphere Replication Private Key, Certificate, and Keystore
The private key, the certificate, and the keystore of vSphere Replication are located on the vSphere Replication virtual appliance.

Note: All security-related resources are protected with the correct permissions and ownership. Do not change the ownership or permissions of these files.

- /etc/vmware/ssl/hbrsrv.crt
- /etc/vmware/ssl/hbrsrv.key
- /opt/vmware/hms/security/hms-keystore.
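One way to detect a change to the ownership or permissions of these files, as an added example that is not part of the VMware guide: it records a baseline once and reports later deviations. The function names, the baseline file location and the use of GNU stat are assumptions; the two default paths are the complete ones listed above, and further files are passed as extra arguments.

```shell
#!/bin/sh
# Added example (not VMware code): record owner, group and mode of the
# vSphere Replication key material once, then report any later drift.

# Paths as listed in the guide; append the keystore path from your appliance.
VR_FILES="/etc/vmware/ssl/hbrsrv.crt /etc/vmware/ssl/hbrsrv.key"

# vr_state FILE -> "owner:group mode", or "MISSING" if the file is absent.
vr_state() {
    if [ -e "$1" ]; then
        stat -c '%U:%G %a' "$1"     # GNU stat syntax (assumption)
    else
        echo "MISSING"
    fi
}

# vr_snapshot FILE... -> one "path<TAB>state" line per file (the baseline).
vr_snapshot() {
    for f in "$@"; do
        printf '%s\t%s\n' "$f" "$(vr_state "$f")"
    done
}

# vr_check BASELINE FILE... -> prints each deviation, returns 1 if any.
vr_check() {
    baseline=$1; shift
    drift=0
    for f in "$@"; do
        want=$(awk -F '\t' -v p="$f" '$1 == p { print $2 }' "$baseline")
        have=$(vr_state "$f")
        if [ -z "$want" ]; then
            echo "NO BASELINE: $f (now $have)"; drift=1
        elif [ "$want" != "$have" ]; then
            echo "DRIFT: $f expected [$want] found [$have]"; drift=1
        fi
    done
    return $drift
}

# Usage on the appliance (the baseline path is an assumption):
#   vr_snapshot $VR_FILES > /root/vr-perms.baseline    # right after deployment
#   vr_check /root/vr-perms.baseline $VR_FILES || echo "investigate"
```

Store the baseline somewhere the appliance's services cannot write to, so that a changed file and a changed baseline do not go unnoticed together.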
2015-03-23 15:54:05.558 DEBUG jvsl.security.authentication.sessionmap [tcweb-5] (..security.authentication.SessionMap) operationID=087657ec-ef0f-494c-9739-a4af62a5c049HMS-1033 | Adding new session to the session map:com.vmware.hms.security.authentication.HmsUserSession@234f4bed:[ com.vmware.vim.binding.hms.UserSession: key = site_...1b034, userName = root, fullName = root , loginTime = ..., lastActiveTime = ...
vSphere Replication User Accounts
You must set up a root account for vSphere Replication. The root account is used to access both the virtual appliance console and the Virtual Appliance Management Interface (VAMI). vSphere Replication currently uses the root account as the administrator of the VAMI. No other user is created. When you deploy the vSphere Replication virtual appliance, you set the password for the root account in the OVF Deployment wizard.