Appendix: Design Decisions on Intelligent Operations Management for VMware Cloud Foundation

The design decisions determine the deployment configuration, resource sizing, and monitoring support of vRealize Operations Manager in the SDDC.

Deployment Specification

Table 1. Design Decisions on Deployment of vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-001	Deploy vRealize Operations Manager as a cluster of three nodes - one primary, one primary replica, and one data node, in the default management vSphere cluster.	Provides the scale capacity required for monitoring of up to 10,000 virtual machines / 12,500 objects. Supports scale-up with additional data nodes.	You must size all nodes identically, which increases the resource requirements in the SDDC.
IOM-VROPS-CFG-002	Deploy two remote collector nodes in the default management vSphere cluster.	Removes the load from the analytics cluster from collecting metrics from local-instance applications.	You must assign a collector group when configuring the monitoring of a solution.
IOM-VROPS-CFG-003	To deploy vRealize Operations Manager , use the vRealize Suite Lifecycle Manager instance in the corresponding VMware Cloud Foundation instance.	For VMware Cloud Foundation 4.3 and earlier: the vRealize Operations Manager install bundle is synchronized from SDDC Manager ensuring interoperability with VMware Cloud Foundation. For VMware Cloud Foundation 4.4 and later: vRealize Suite Lifecycle Manager manages the vRealize Operations Manager product binaries. The version of vRealize Operations Manager is determined by the VMware interoperability matrix and SDDC Manager. When vRealize Suite Lifecycle Manager is in VMware Cloud Foundation mode, during the deployment, SDDC Manager configures the load balancer for the analytics cluster.	You must deploy vRealize Suite Lifecycle Manager.
IOM-VROPS-CFG-004	Protect all vRealize Operations Manager nodes by using vSphere High Availability.	Supports the availability objective for vRealize Operations Manager without requiring manual intervention during a failure event.	None.
IOM-VROPS-CFG-005	Apply a vSphere Distributed Resource Scheduler (DRS) anti-affinity rule to the vRealize Operations Manager analytics cluster.	Using vSphere DRS prevents the vRealize Operations Manager analytics cluster virtual machines from running on the same ESXi host and risking the high availability of the cluster.	You must perform additional configuration to set up an anti- affinity rule. If additional data nodes are added, you must update the anti-affinity rule. For a default management vSphere cluster that consists of four ESXi hosts, you can put in maintenance mode only a single ESXi host at a time.
IOM-VROPS-CFG-006	Apply a vSphere Distributed Resource Scheduler (DRS) anti-affinity rule to the vRealize Operations Manager remote collector group.	Using vSphere DRS prevents the vRealize Operations Manager remote collector virtual machines from running on the same ESXi host and risking the high availability of the cluster.	You must perform additional configuration to set up an anti-affinity rule.
IOM-VROPS-CFG-007	Place the vRealize Operations Manager analytics cluster virtual machines in a dedicated virtual machine folder.	Provides an organization of the vRealize Operations Manager analytics cluster virtual machines in the management domain inventory.	You must create the virtual machine folder during or after the deployment.
IOM-VROPS-CFG-008	Place the vRealize Operations Manager remote collector virtual machines in a dedicated virtual machine folder.	Provides an organization of the vRealize Operations Manager remote collector virtual machines in the management domain inventory.	You must create the virtual machine folder during or after the deployment.

Table 2. Design Decisions on Deployment of vRealize Operations Manager in Multiple Availability Zones
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-009	When using two availability zones, add the vRealize Operations Manager virtual machines to the first availability zone VM group.	Ensures that, by default, the vRealize Operations Manager virtual machines are powered on within the first availability zone hosts group.	If vRealize Operations Manager is deployed after the creation of the stretched cluster for management domain availability zones, you must update the VM group for the first availability zone virtual machines to include the vRealize Operations Manager virtual machines.

Table 3. Design Decisions on Deployment of vRealize Operations Manager for Multiple VMware Cloud Foundation Instances
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-010	In an environment with multiple VMware Cloud Foundation instances, deploy two remote collector nodes in the default management vSphere cluster in each VMware Cloud Foundation instance by using the same vRealize Suite Lifecycle Manager instance and environment in the first VMware Cloud Foundation instance.	Removes the load from the analytics cluster from collecting metrics from local-instance applications.	You must assign a collector group when configuring the monitoring of a solution.
IOM-VROPS-CFG-011	In an environment with multiple VMware Cloud Foundation instances, place the vRealize Operations Manager remote collector virtual machines in each instance, in a dedicated virtual machine folder.	Provides an organization of the vRealize Operations Manager remote collector virtual machines in the management domain inventory.	You must create the virtual machine folder during or after the deployment.
IOM-VROPS-CFG-012	In an environment with multiple VMware Cloud Foundation instances, apply a vSphere Distributed Resource Scheduler (DRS) anti-affinity rule to the vRealize Operations Manager remote collector group.	Using vSphere DRS prevents the vRealize Operations Manager remote collector virtual machines from running on the same ESXi host and risking the high availability of the cluster.	You must perform additional configuration to set up an anti-affinity rule.

Table 4. Design Decisions on Sizing of vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-013	Deploy each node in the analytics cluster as a medium-size appliance.	Provides enough capacity for the metrics and objects generated by up to 12,500 objects while having high availability in the analytics cluster activated. Metrics are collected from the following components: vCenter Server instances ESXi hosts NSX-T Data Center components vRealize Automation vRealize Log Insight If you use fewer large-size vRealize Operations Manager analytics cluster nodes, you must increase the minimum host memory size to handle the increased performance that is the result from stretching NUMA node boundaries.	The ESXi hosts in the default management vSphere cluster must have physical CPUs with a minimum of 8 cores per socket. In total, the vRealize Operations Manager analytics cluster uses 24 vCPUs and 96 GB of memory in the default management vSphere cluster. When you exceed 12,500 objects, you must scale up the analytics cluster nodes size by using vRealize Suite Lifecycle Manager.
IOM-VROPS-CFG-014	If the number of SDDC objects exceeds 12,500, scale up the analytics cluster nodes size by using vRealize Suite Lifecycle Manager.	Ensures that the analytics cluster has enough capacity to meet the SDDC object and metric growth.	The capacity of the physical ESXi hosts must be enough to accommodate virtual machines that require 32 GB RAM without bridging NUMA node boundaries. The default management vSphere cluster must have enough ESXi hosts so that vRealize Operations Manager can run according to the vSphere DRS anti-affinity rule. The number of analytics cluster nodes must not exceed the number of ESXi hosts in the default management vSphere cluster minus one. For example, if the default management vSphere cluster contains six ESXi hosts, you can deploy up to five vRealize Operations Manager nodes in the analytics cluster.
IOM-VROPS-CFG-015	Increase the initial storage of each vRealize Operations Manager analytics cluster node by 1 TB.	Supports the storage requirements for monitoring up to 12,500 objects. Supports projected growth of 20%. Supports data retention of six months.	None.
IOM-VROPS-CFG-016	Deploy each remote collector node as a standard-size appliance.	Provides metric collection for the expected number of objects in the SDDC when at full capacity. Remote collector nodes do not perform analytics operations or store data on disk, therefore no additional storage is required.	You must provide 4 vCPUs and 8 GB of memory in the default management vSphere cluster in each VMware Cloud Foundation instance.

Table 5. Design Decisions on Notifications for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-017	Configure vRealize Operations Manager to use an outbound SMTP mail server to route notifications for system events.	Integrates vRealize Operations Manager system events notifications to users by email to provide an enhanced user experience.	You must maintain an SMTP server.

Table 6. Design Decisions on Costing for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-018	Configure the correct currency in the vRealize Operations Manager global options.	Ensures accurate costing in the correct currency.	The currency cannot be changed after the initial configuration.

Network Design

Table 7. Design Decisions on the Network Segments for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-001	Place the vRealize Operations Manager analytics nodes on the cross-instance NSX network segment.	Provides a consistent deployment model for management applications and a potential to extend to a second VMware Cloud Foundation instance for disaster recovery.	You must use an implementation of NSX-T Data Center to support this network configuration.
IOM-VROPS-NET-002	Place the vRealize Operations Manager remote collector nodes on the local-instance NSX network segment.	Supports collection of metrics locally per VMware Cloud Foundation instance.	You must use an implementation in NSX-T Data Center to support this networking configuration.

Table 8. Design Decisions on the Network Segments for vRealize Operations Manager for a Multiple VMware Cloud Foundation Instances
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-003	In an environment with multiple VMware Cloud Foundation instances, place the vRealize Operations Manager remote collector nodes in each instance on the local-instance NSX segment.	Supports collection of metrics locally per VMware Cloud Foundation instance.	You must use an implementation in NSX-T Data Center to support this networking configuration.

Table 9. Design Decisions on the IP Addressing for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-004	Allocate statically assigned IP addresses and host names from the cross-instance NSX segment to the vRealize Operations Manager analytics cluster nodes and the NSX-T Data Center load balancer.	Ensures stability across the SDDC, and makes it simpler to maintain and easier to track.	Requires precise IP address management.
IOM-VROPS-NET-005	Allocate statically assigned IP addresses and host names from the local-instance NSX segment to the vRealize Operations Manager remote collector nodes.	Ensures stability across the SDDC, and makes it simpler to maintain and easier to track.	Requires precise IP address management.

Table 10. Design Decisions on the IP Addressing for vRealize Operations Manager for Multiple VMware Cloud Foundation Instances
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-006	In an environment with multiple VMware Cloud Foundation instances, allocate statically assigned IP addresses and host names from each local-instance NSX segment to the corresponding vRealize Operations Manager remote collector nodes in the instance.	Ensures stability across the SDDC, and makes it simpler to maintain and easier to track.	Requires precise IP address management.

Table 11. Design Decisions on Name Resolution for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-007	Configure forward and reverse DNS records for all vRealize Operations Manager nodes and for the NSX-T Data Center load balancer virtual IP address.	All nodes are accessible by using fully qualified domain names instead of by using IP addresses only.	You must provide DNS records for the vRealize Operations Manager nodes.

Table 12. Design Decisions on Load Balancing for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-008	Use the small-size load balancer that is configured by SDDC Manager on a dedicated NSX-T Data Center Tier-1 gateway in the management domain to load balance the clustered Workspace ONE Access nodes, to also load balance the connections across the vRealize Operations Manager analytics cluster members.	Required to deploy a vRealize Operations Manager analytics cluster deployment type with distributed user interface access across members.	You must use the NSX-T Data Center load balancer that is configured by SDDC Manager to support this network configuration.
IOM-VROPS-NET-009	Do not use a load balancer for the vRealize Operations Manager remote collector nodes.	vRealize Operations Manager remote collector nodes must directly access the systems that they are monitoring. vRealize Operations Manager remote collector nodes do not require access to and from the public network.	None.

Table 13. Design Decisions on Time Synchronization for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-NET-010	Configure NTP on each vRealize Operations Manager node.	vRealize Operations Manager depends on time synchronization.	None.
IOM-VROPS-NET-011	Configure the timezone of vRealize Operations Manager to use UTC.	You must use UTC to provide the integration with vRealize Automation , because vRealize Automation supports only UTC.	If you are in a timezone other than UTC, timestamps appear skewed.

Life Cycle Management Design

Table 14. Design Decisions on Life Cycle Management of vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-LCM-001	For VMware Cloud Foundation 4.4, use vRealize Suite Lifecycle Manager to perform the life cycle management of vRealize Operations Manager . For VMware Cloud Foundation 4.3.1 and earlier, use SDDC Manager and vRealize Suite Lifecycle Manager to perform the life cycle management of vRealize Operations Manager .	For VMware Cloud Foundation 4.4, vRealize Suite Lifecycle Manager manages the product binaries and vRealize Operations Manager upgrades. For VMware Cloud Foundation 4.3.1 and earlier, SDDC Manager provides the upgrade bundles to vRealize Suite Lifecycle Manager and manages vRealize Operations Manager upgrades through the integration with vRealize Suite Lifecycle Manager.	You must deploy vRealize Suite Lifecycle Manager by using SDDC Manager. vRealize Suite Lifecycle Manager manages patches, updates, and hot fixes for vRealize Operations Manager .

vRealize Operations Manager Design

Table 15. Design Decision on Cloud Accounts in vRealize Operations Manager
Design Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-019	Configure a vCenter Server cloud account for each vCenter Server instance in the SDDC.	Provides the vRealize Operations Manager integration with and data collection from all vCenter Server instances in the SDDC.	The vCenter Server cloud account uses the administrator@vsphere.local user account for application-to-application communication from vRealize Operations Manager to vSphere. While you can update the cloud account to use a custom user, the password rotation feature in SDDC Manager for administrator@vsphere.local reverts the configuration.
IOM-VROPS-CFG-020	Connect each VI workload domain to vRealize Operations Manager by using SDDC Manager.	SDDC Manager provides a workflow to add the VI workload domain vCenter Server cloud account in vRealize Operations Manager .	None.
IOM-VROPS-CFG-021	Configure each vCenter Server cloud account to use the remote collector group for its VMware Cloud Foundation instance.	Local-instance components are configured to use the remote collector group. This configuration offloads data collection for local management components from the analytics cluster.	None.
IOM-VROPS-CFG-022	Activate the vSAN integration in the vCenter Server cloud accounts.	Provides the vRealize Operations Manager integration with and data collection from all vSAN instances in the SDDC.	The vSAN adapter uses the administrator@vsphere.local user account for application-to-application communication from vRealize Operations Manager to vSphere. While you can update the adapter to use a custom user, the password rotation feature in SDDC Manager for administrator@vsphere.local reverts the configuration.

Table 16. Design Decisions on Cloud Accounts in vRealize Operations Manager for Multiple VMware Cloud Foundation Instances
Design Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-023	In an environment with multiple VMware Cloud Foundation instances, configure a vCenter Server cloud account for each vCenter Server instance in each VMware Cloud Foundation instance.	Provides the vRealize Operations Manager integration with and data collection from all vCenter Server instances in the SDDC.	None.
IOM-VROPS-CFG-024	In an environment with multiple VMware Cloud Foundation instances, manually connect each VI workload domain in each additional VMware Cloud Foundation instance to vRealize Operations Manager .	vRealize Operations Manager is integrated with SDDC Manager only in the first VMware Cloud Foundation instance.	You must configure the cloud account manually.
IOM-VROPS-CFG-025	In an environment with multiple VMware Cloud Foundation instances, configure each vCenter Server cloud account to use the remote collector group for its VMware Cloud Foundation instance.	Local-instance components are configured to use the remote collector group. This configuration offloads data collection for local management components from the analytics cluster.	None.
IOM-VROPS-CFG-026	In an environment with multiple VMware Cloud Foundation instances, activate the vSAN integration in the vCenter Server cloud accounts.	Provides the vRealize Operations Manager integration with and data collection from all vSAN instances in the SDDC.	None.

Table 17. Design Decisions on Management Packs for vRealize Operations Manager
Design Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-CFG-027	Install the VMware Identity Manager management pack for vRealize Operations Manager .	Provides the ability of vRealize Operations Manager to communicate with Workspace ONE Access endpoints. The management pack is installed by SDDC Manager.	None.
IOM-VROPS-CFG-028	Configure a VMware Identity Manager adapter instance for the clustered Workspace ONE Access instance.	Provides the vRealize Operations Manager integration and data collection from the clustered Workspace ONE Access instance. The adapter is configured by SDDC Manager.	None.
IOM-VROPS-CFG-029	Configure the clustered Workspace ONE Access adapter to use the default collector group.	Cross-instance components are configured to use the default collector group.	The load on the analytics cluster, though minimal, increases.
IOM-VROPS-CFG-030	Configure an NSX-T adapter instance for each NSX Manager instance.	Provides the vRealize Operations Manager integration and data collection from NSX-T Data Center.	In an environment with NSX-T Federation, only NSX-T Local Managers are supported at this time.
IOM-VROPS-CFG-031	Configure each NSX-T adapter to use the remote collector group.	Local-instance components are configured to use the remote collector group. This offloads data collection for local management components from the analytics cluster.	None.
IOM-VROPS-CFG-032	Install the SDDC Health management pack for vRealize Operations Manager .	Provides aggregated dashboards for VMware Cloud Foundation.	You must install the management pack manually.
IOM-VROPS-CFG-033	Activate the native Ping management pack in vRealize Operations Manager .	Provides metrics on the availability of endpoints.	You must activate the management pack manually.
IOM-VROPS-CFG-034	Add Ping adapters for the vRealize Operations Manager nodes.	Provides metrics on the availability of vRealize Operations Manager nodes.	You must add the adapter instances manually.
IOM-VROPS-CFG-035	Configure each Ping adapter for the vRealize Operations Manager nodes to use the default collector group.	Cross-instance components are configured to use the default collector group.	The load on the analytics cluster, though minimal, increases.
IOM-VROPS-CFG-036	Add a Ping adapter for the clustered Workspace ONE Access nodes.	Provides metrics on the availability of the clustered Workspace ONE Access nodes.	You must add the adapter instances manually.
IOM-VROPS-CFG-037	Configure the Ping adapter for the clustered Workspace ONE Access nodes to use the default collector group.	Local-instance components are configured to use the remote collector group.	This configuration offloads data collection for local management components from the vRealize Operations Manager analytics cluster.

Information Security and Access Design

Table 18. Design Decision on Identity Management for vRealize Operations Manager
Design Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-SEC-001	Activate vRealize Operations Manager integration with your corporate identity source by using the clustered Workspace ONE Access deployment.	Allows authentication, including multi-factor, to vRealize Operations Manager by using your corporate identity source. Allows authorization through the assignment of organization and cloud services roles to enterprise users and groups defined in your corporate identity source.	You must deploy and configure a Workspace ONE Access cluster to establish the integration between vRealize Operations Manager and your corporate identity sources.
IOM-VROPS-SEC-002	Assign the default Administrator role in vRealize Operations Manager to an active directory security group.	Provides the following access control features: Access to vRealize Operations Manager administration is granted to a managed set of individuals that are members of the security group. You can introduce improved accountability and tracking organization owner access to vRealize Operations Manager .	You must maintain the life cycle and availability of the security group outside of the SDDC stack.
IOM-VROPS-SEC-003	Assign the default ContentAdmin role in vRealize Operations Manager to an active directory security group.	Provides the following access control features: Access to the vRealize Operations Manager user interface is granted to a managed set of individuals that are members of the security group. You can introduce improved accountability and tracking organization owner access to vRealize Operations Manager .	You must maintain the life cycle and availability of the security group outside of the SDDC stack.
IOM-VROPS-SEC-004	Assign the default ReadOnly role in vRealize Operations Manager to an active directory security group.	Provides the following access control features: Access to the vRealize Operations Manager user interface is granted to a managed set of individuals that are members of the security group. You can introduce improved accountability and tracking organization owner access to vRealize Operations Manager .	You must maintain the life cycle and availability of the security group outside of the SDDC stack.

Table 19. Design Decisions on Service Accounts for vRealize Operations Manager Management Packs
Design Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-SEC-005	Configure the endpoint of the NSX-T management pack for vRealize Operations Manager to use the NSX-T Data Center local system domain admin account.	Provides integration and data collection of all NSX-T Data Center instances in the SDDC in vRealize Operations Manager .	You must manage the password life cycle of this endpoint.
IOM-VROPS-SEC-006	Configure a Workspace ONE Access management pack adapter instance for the clustered Workspace ONE Access instance using the local system domain admin account.	Provides integration and data collection of the clustered Workspace ONE Access instance in vRealize Operations Manager Integration between vRealize Operations Manager and Workspace ONE Access is only supported with the local admin account.	You must manage the password life cycle of this endpoint.

Table 20. Design Decisions on Password Policy Settings for vRealize Operations Manager
Design Decision ID	Design Decision	Justification	Implication
IOM-VROPS-SEC-007	Rotate the vRealize Operations Managerroot password on a recurring or event-initiated schedule by using the SDDC Manager user interface or API.	By default, the password for the vRealize Operations Managerrootaccount expires every 365 days. When vRealize Operations Manager is deployed into a VMware Cloud Foundation environment in vRealize Suite Lifecycle Manager, the root password is managed from the SDDC Manager user interface or API, not vRealize Suite Lifecycle Manager.	By using SDDC Manager, you manage the password change or automated password rotation schedule for the vRealize Operations Managerrootaccount in accordance with your organizational policies and regulatory standards.
IOM-VROPS-SEC-008	Rotate the vRealize Operations Manageradmin password on a recurring or event-initiated schedule by using the SDDC Manager user interface or API.	By default, the password for the vRealize Operations Manageradminaccount expires every 60 days. When vRealize Operations Manager is deployed into a VMware Cloud Foundation environment in vRealize Suite Lifecycle Manager, the admin password is managed from the SDDC Manager user interface or API, not vRealize Suite Lifecycle Manager.	By using SDDC Manager, you manage the password change or automated password rotation schedule for the vRealize Operations Manageradminaccount in accordance with your organizational policies and regulatory standards.

Table 21. Design Decisions on Certificates for vRealize Operations Manager
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-SEC-009	Use a CA-signed certificate containing the analytics and remote collector nodes in the SAN attributes, when deploying vRealize Operations Manager .	Configuring a CA-signed certificate ensures that the communication to the externally facing Web UI and API for vRealize Operations Manager , and cross-product, is encrypted.	Using CA-signed certificates from a certificate authority might increase the deployment preparation time as certificate requests are generated and delivered. Each time a node is added the certificate must be replaced to include the new node.
IOM-VROPS-SEC-010	Use a SHA-2 or higher algorithm when signing certificates.	The SHA-1 algorithm is considered less secure and has been deprecated.	Not all certificate authorities support SHA-2.

Solution Interoperability Design

Table 22. Design Decision on Logging for Intelligent Operations Management
Decision ID	Design Decision	Design Justification	Design Implication
IOM-VROPS-LOG-001	Use the vRealize Log Insight content pack for vRealize Operations Manager .	Provides additional granular monitoring on the virtual infrastructure. The content pack for vRealize Operations Manager is installed by default in vRealize Log Insight.	None.
IOM-VROPS-LOG-002	Configure the vRealize Log Insight agent for the vRealize Operations Manager nodes to forward logs to vRealize Log Insight in their corresponding VMware Cloud Foundation instance.	Simplifies configuration of log sources in the SDDC that are prepackaged with the vRealize Log Insight agent.	You must configure the vRealize Log Insight agent to forward logs to the vRealize Log Insight VIP.
IOM-VROPS-LOG-003	Configure vRealize Operations Manager to send logs to the vRealize Log Insight cluster in the corresponding VMware Cloud Foundation instance.	Allows logs from vRealize Operations Manager to be forwarded to a vRealize Log Insight cluster.	None.
IOM-VROPS-LOG-004	Communicate with the vRealize Log Insight using the default Ingestion API (cfapi) port `9000`and `ssl=no`.	Supports disaster recovery of vRealize Operations Manager in the SDDC. During the failover, the DNS records for vRealize Log Insight in Region A are updated to redirect to the instance in Region B to ensure the log collection remains operational. The `ssl=no` setting must be used when there is a certificate mismatch post failover.	Transmission traffic for logs is not encrypted.
IOM-VROPS-LOG-005	Configure a dedicated Photon OS agent group and assign the vRealize Operations Manager Cluster and Remote Collector Node FQDNs.	Provides a standardized configuration to all vRealize Log Insight agents in each of the groups. Defines the vRealize Log Insight agent configuration for log collection and parsing in the context of the SDDC components, such as specific log directories, files, and formats.	Adds minimal load to the vRealize Log Insight cluster.