Академический Документы
Профессиональный Документы
Культура Документы
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
EN-000575-00
You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com
Copyright 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
Contents
5 7
VMware View Accounts 8 VMware View Security Settings 9 VMware View Resources 17 VMware View Log Files 17 VMware View TCP and UDP Ports 19 Services on a View Connection Server Host 23 Services on a Security Server 24 Services on a View Transfer Server Host 24
Index 25
VMware, Inc.
VMware, Inc.
VMware View Security provides a concise reference to the security features of VMware View.
n n n
Required system and database login accounts. Configuration options and settings that have security implications. Resources that must be protected, such as security-relevant configuration files and passwords, and the recommended access controls for secure operation. Location of log files and their purpose. External interfaces, ports, and services that must be open or enabled for the correct operation of VMware View.
n n
Intended Audience
This information is intended for IT decision makers, architects, administrators, and others who must familiarize themselves with the security components of VMware View. This reference guide should be used in conjunction with the VMware View Hardening Guide and other VMware View documentation.
VMware, Inc.
VMware, Inc.
When you are configuring a secure View environment, you can change settings and make adjustments in several areas to protect your systems.
n
VMware View Accounts on page 8 You must set up system and database accounts to administer VMware View components. VMware View Security Settings on page 9 VMware View includes several settings that you can use to adjust the security of the configuration. You can access the settings by using View Administrator, by editing group profiles, or by using the ADSI Edit utility, as appropriate.
VMware View Resources on page 17 VMware View includes several configuration files and similar resources that must be protected. VMware View Log Files on page 17 VMware View software creates log files that record the installation and operation of its components. VMware View TCP and UDP Ports on page 19 View uses TCP and UDP ports for network access between its components. You might have to reconfigure a firewall to allow access on the appropriate ports.
Services on a View Connection Server Host on page 23 The operation of View Manager depends on several services that run on a View Connection Server host. If you want to adjust the operation of these services, you must first familiarize yourself with them.
Services on a Security Server on page 24 The operation of View Manager depends on several services that run on a security server. If you want to adjust the operation of these services, you must first familiarize yourself with them.
Services on a View Transfer Server Host on page 24 Transfer operations for local desktops depend on services that run on a View Transfer Server host. If you want to adjust the operation of these services, you must first familiarize yourself with them.
VMware, Inc.
vCenter Server
View Composer
Configure View databases on servers that are separate from other database servers that your organization uses. Do not allow a single user account to access multiple databases. Configure separate accounts for access to the View Composer and event databases.
n n
VMware, Inc.
Session timeout
For more information about these settings and their security implications, see the VMware View Administration document.
VMware, Inc.
For more information about these settings and their security implications, see the VMware View Administration document.
10
VMware, Inc.
AllowSingleSignon
AllowSingleSigno n
CommandsToRunOnConnect
CommandsToRunOnReconnect
ConnectionTicketTimeout
CredentialFilterExceptions
CredentialFilter Exceptions
For more information about these settings and their security implications, see the VMware View Administration document.
VMware, Inc.
11
BrokersTrustedForD elegation
The Service Principal Name (SPN) of the View Connection Server service.
12
VMware, Inc.
If you configure both the group policy setting and the CertCheckMode setting in the registry key, the group policy setting takes precedence over the registry key value.
VMware, Inc.
13
LogInAsCurrentUser _Display
EnableSmartCardSSO
IgnoreCertDateInva lid
14
VMware, Inc.
IgnoreCertCnInvali d
IgnoreWrongUsage
IgnoreUnknownCa
For more information about these settings and their security implications, see the VMware View Administration document.
Security-Related Settings in the Scripting Definitions Section of the View Client Configuration Template
Security-related settings are provided in the Scripting Definitions section of the ADM template file for View Client (vdm_client.adm). Unless noted otherwise, the settings include both a Computer Configuration setting and a User Configuration setting. If you define a User Configuration setting, it overrides the equivalent Computer Configuration setting. Settings for Scripting Definitions are stored in the registry on the host machine under HKLM\Software\Policies\VMware, Inc.\VMware VDM\Client.
VMware, Inc.
15
Connect all USB devices to the desktop when they are plugged in Logon Password
connectUSBOnInsert
Password
For more information about these settings and their security implications, see the VMware View Administration document.
pae-OVDIKeyCipher
paeSSOCredentialCacheTi meout
16
VMware, Inc.
<Drive Letter>:\Programdata\VMWare\VDM\backups (Windows Server 2008) <Drive Letter>:\Documents and Settings\All Users\Application Data\VMWare\VDM\backups (Windows Server 2003) install_directory\VMware\VMware View\Server\sslgateway\conf
Can be protected by access control. Ensure that this file is secured against access by any user other than View administrators. Protected by access control.
Log files
%ALLUSERSPROFILE%\Application Data\VMware\VDM\logs <Drive Letter>:\Documents and Settings\All Users\Application Data\VMware\VDM\logs install_directory\VMware View\Server\broker\web apps\ROOT\Web INF
install_directory\VMware\VMware View\Server\httpd\conf
Log files
<Drive Letter>:\ProgramData\VMware\VDM\logs (Windows Server 2008 R2) %ALLUSERSPROFILE%\Application Data\VMware\VDM\logs (Windows Server 2003 and Windows Server 2003 R2) <Drive Letter>:\Program Files\Apache Group\Apache2\logs (Apache server)
VMware, Inc.
17
18
VMware, Inc.
Security server
4172
UDP
Security server
4172
UDP
Security server
4172
UDP
Security server Security server Security server Security server Security server Security server
* * * * * *
View Connection Server View Connection Server View desktop View desktop View desktop View desktop 4.5 or earlier View desktop 4.6 or later View Client 4.5 or earlier
4001 8009 3389 9427 32111 50002 (can be changed by group policy) 4172 50002 (cannot be changed)
* 50002 (can be changed by group policy) 50002 (can be changed by group policy) 4172
TCP UDP
4172
UDP
UDP
4172
4172
UDP
View Connection Server or security server View Connection Server or security server
4172
UDP
4172
UDP
VMware, Inc.
19
Table 12. TCP and UDP Ports Used by View, Excluding Local Mode (Continued)
Source View Client Port * Target View Connection Server or security server View Connection Server or security server View Connection Server or security server View desktop Port 80 Protocol TCP Description HTTP access if SSL is disabled for client connections. HTTPS access if SSL is enabled for client connections. PCoIP (HTTPS) if PCoIP Secure Gateway is used. Microsoft RDP traffic to View desktops if direct connections are used instead of tunnel connections. Wyse MMR redirection if direct connections are used instead of tunnel connections. USB redirection if direct connections are used instead of tunnel connections. PCoIP (HTTPS) if PCoIP Secure Gateway is not used. PCoIP (AES-28-GCM or SALSA20) if PCoIP Secure Gateway is not used. PCoIP (HTTPS) if PCoIP Secure Gateway is not used. PCoIP (AES-28-GCM or SALSA20) if PCoIP Secure Gateway is not used. PCoIP (AES-128-GCM only) if PCoIP Secure Gateway is used. PCoIP (HTTPS) if PCoIP Secure Gateway is not used. PCoIP (AES-28-GCM or SALSA20) if PCoIP Secure Gateway is not used. PCoIP (HTTPS) if PCoIP Secure Gateway is not used. PCoIP (AES-28-GCM or SALSA20) if PCoIP Secure Gateway is not used.
View Client
443
TCP
* *
4172 3389
TCP TCP
View Client
View desktop
9427
TCP
View Client
View desktop
32111
TCP
50002 (can be changed by group policy) 50002 (can be changed by group policy) 4172
TCP
UDP
TCP
4172
UDP
View Client 4.5 or earlier View Client 4.6 or later View Client 4.6 or later
4172
UDP
50002 (can be changed by group policy) 50002 (can be changed by group policy) 4172
TCP
4172
UDP
TCP
4172
4172
UDP
20
VMware, Inc.
Table 12. TCP and UDP Ports Used by View, Excluding Local Mode (Continued)
Source View Client 4.6 or later View Connection Server Port 4172 Target View Connection Server or security server vCenter Server or View Composer Port 4172 Protocol UDP Description PCoIP (AES-128-GCM only) if PCoIP Secure Gateway is used. SOAP messages if SSL is disabled for access to vCenter Servers or View Composer. SOAP messages if SSL is enabled for access to vCenter Servers or View Composer. PCoIP (AES-128-GCM only) if PCoIP Secure Gateway via the View Connection Server is used. PCoIP (AES-128-GCM only) if PCoIP Secure Gateway via the View Connection Server is used. PCoIP (AES-128-GCM only) if PCoIP Secure Gateway via the View Connection Server is used. PCoIP (AES-128-GCM only) if PCoIP Secure Gateway via the View Connection Server is used. JMS inter-router traffic. Microsoft RDP traffic to View desktops if tunnel connections via the View Connection Server are used. PCoIP (HTTPS) if PCoIP Secure Gateway via the View Connection Server is used. Wyse MMR redirection if tunnel connections via the View Connection Server are used. USB redirection if tunnel connections via the View Connection Server are used.
80
TCP
443
TCP
4172
UDP
4172
4172
UDP
4172
UDP
4172
4172
UDP
* *
4100 3389
TCP TCP
View desktop
4172
TCP
View desktop
9427
TCP
View desktop
32111
TCP
VMware, Inc.
21
Table 12. TCP and UDP Ports Used by View, Excluding Local Mode (Continued)
Source View desktop View Composer service Port * * Target View Connection Server instances ESXi host Port 4001 902 Protocol TCP TCP Description JMS traffic. Used when View Composer customizes linked-clone disks, including View Composer internal disks and, if they are specified, persistent disks and system disposable disks.
The Local Mode feature requires you to open an additional number of ports for its correct operation. Table 13. TCP and UDP Ports Used by Local Mode
Source Security server Port * Target View Transfer Server Port 80 Protocol TCP Description View desktop download and data replication if tunnel connections are used and SSL is disabled for local mode operations. View desktop download and data replication if tunnel connections are used and SSL is enabled for local mode operations. View desktop download and data replication if direct connections are used instead of tunnel connections, and SSL is disabled for local mode operations. View desktop download and data replication if direct connections are used instead of tunnel connections, and SSL is enabled for local mode operations. Used when checking out local desktops. View desktop download and data replication if tunnel connections via the View Connection Server are used and SSL is disabled for local mode operations.
Security server
443
TCP
80
TCP
443
TCP
* *
902 80
TCP TCP
22
VMware, Inc.
Table 13. TCP and UDP Ports Used by Local Mode (Continued)
Source View Connection Server Port * Target View Transfer Server Port 443 Protocol TCP Description View desktop download and data replication if tunnel connections via the View Connection Server are used and SSL is enabled for local mode operations. JMS traffic to support local mode. Publishing View Composer packages for local mode.
* *
4001 902
TCP TCP
VMware View Framework Component VMware View Message Bus Component VMware View PCoIP Secure Gateway VMware View Script Host VMware View Security Gateway Component VMware View Web Component VMwareVDMDS
Manual
Manual
Manual
Manual Automatic
VMware, Inc.
23
Manual
Manual
Manual
Manual
Manual
Automatic
Provides data-transfer capabilities for client computers that run View desktops in local mode. The Apache2.2 service is started when you add View Transfer Server to View Manager.
24
VMware, Inc.
Index
A
accounts 8 ADM template files, security-related settings 9
VMwareVDMDS service 23
W
Web Component service 23
C
Connection Server service 23
F
firewall settings 19 Framework Component service 23, 24
L
log files 17
M
Message Bus Component service 23
R
resources 17
S
Script Host service 23 Security Gateway Component service 23, 24 security overview 5 Security Server service 24 security servers, services 24 security settings, global 9 server settings. security related 9 services security server hosts 24 View Connection Server hosts 23 View Transfer Server hosts 24
T
TCP ports 19 Transfer Server Control Service 24 Transfer Server service 24
U
UDP ports 19
V
View Connection Server, services 23 View security 7 View Transfer Server management, services on a View Transfer Server host 24
VMware, Inc.
25
26
VMware, Inc.