VMware provides comprehensive recommendations to help you verify and configure a secure baseline for your vRealize Automation system.

Use the appropriate tools and procedures as specified by VMware to verify and maintain a secure, hardened baseline configuration for your vRealize Automation system. Some vRealize Automation components are installed in a hardened or partially-hardened state, but you should review and verify configuration of each component in light of VMware security recommendations, company security policies, and known threats.

vRealize Automation Security Posture

The security posture of vRealize Automation assumes a holistically secure environment based on system and network configuration, organizational security policies, and security best practices.

When verifying and configuring hardening of a vRealize Automation system, consider each of the following areas as addressed by VMware hardening recommendations.

  • Secure Deployment

  • Secure Configuration

  • Network Security

To ensure that your system is securely hardened, consider VMware recommendations and your local security policies as they relate to each of these conceptual areas.

System Components

When considering hardening and the secure configuration of your vRealize Automation system, ensure that you understand all components and how they work together to support system functionality.

Consider the following components when planning and implementing a secure system.

  • vRealize Automation appliance

  • IaaS Component

To familiarize yourself with vRealize Automation and how the components operate together, see Foundations and Concepts in the VMware vRealize Automation documentation center. For information about typical vRealize Automation deployments and architecture, see vRealize Automation Reference Architecture.