As a security best practice, you must secure the vRealize Operations console and manage Secure Shell (SSH), administrative accounts, and console access. Ensure that your system is deployed with secure transmission channels.
Enabling FIPS 140-2 vRealize Operations 8.4 and above uses cryptographic algorithms or protocols that are allowed by the United States Federal Information Processing Standards (FIPS). FIPS mode turns on the cipher suites that comply with FIPS 140-2. Security related libraries that are shipped with vRealize Operations 8.4 and above are FIPS 140-2 certified. However, the FIPS 140-2 mode is not enabled by default. FIPS 140-2 mode can be enabled if there is a security compliance requirement to use FIPS certified cryptographic algorithms with the FIPS mode enabled. Secure the vRealize Operations Console vRealize Operations , you must log in for the first time and secure the console of each node in the cluster. Change the Root Password vRealize Operations primary or data node at any time by using the console. Managing Secure Shell, Administrative Accounts, and Console Access Set Boot Loader Authentication Monitor Minimal Necessary User Accounts Monitor Minimal Necessary Groups Resetting the vRealize Operations Manager Administrator Password vRealize Operations admin password for vApp installations. Configure NTP on VMware Appliances Disable the TCP Timestamp Response on Linux TLS for Data in Transit Enabling TLS on Localhost Connections Application Resources That Must be Protected Apache Configuration Disable Configuration Modes vRealize Operations , you can modify the configuration or settings to enable troubleshooting and debugging of your installation. Managing Nonessential Software Components vRealize Operations Manager host machines. Additional Secure Configuration Activities
