Security of the monitor

Real-time performance monitoring and troubleshooting

Security of the monitor

Veeam Logoby steelnwool » Thu Mar 29, 2012 7:43 pm

Its a great convenience to me that Veeam monitor stores the vsphere client passwords so I don't have to type them each time. But I'm curious how it stores them and how secure I should consider it?

It occured to me that if my win 7 management box was compromised, I'd be in all kinds of pain since someone could then very easily just delete all of my virtual machines. Yes I have backups. It would still suck :)
steelnwool
Enthusiast
 
Posts: 30
Liked: 1 time
Joined: Fri Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald

Re: Security of the monitor

Veeam Logoby Vitaliy S. » Fri Mar 30, 2012 8:34 am

Hi Jeff,

All your passwords are encrypted and stored in our database, so there is no reason to worry about that. As to your concern regarding a possibility of stealing account information for your VI, then please be aware that vSphere Client (in Monitor) functionality is available only for the users that belong to Veeam Monitoring Trusted group, so if you keep your account info in secret, there is little chance of such scenario.

Thanks!
Vitaliy S.
Veeam Software
 
Posts: 19558
Liked: 1102 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: Security of the monitor

Veeam Logoby steelnwool » Fri Mar 30, 2012 12:01 pm

Except I'm putting all of my eggs within the security of Windows 7.. I guess that is what worries me. Granted its behind a VPN, it needs a password and I only access it with RDP...

Regarding the encryption.. I'm not an expert but "technically" if someone had the source of Veeam Monitor they could decrypt the passwords right? I do agree this is a very low risk/unlikely situation but is 'technically possible' right? (academic discussion here... I'm not actually worried about this)
steelnwool
Enthusiast
 
Posts: 30
Liked: 1 time
Joined: Fri Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald

Re: Security of the monitor

Veeam Logoby Vitaliy S. » Sat Mar 31, 2012 12:14 pm

Just to be on the same page, if your Windows 7 box gets compromised, then why would anyone need our Monitor to access your VI? Why not to use your account for that? ;)
Vitaliy S.
Veeam Software
 
Posts: 19558
Liked: 1102 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: Security of the monitor

Veeam Logoby steelnwool » Mon Apr 02, 2012 5:19 pm

Because my windows account isn't tied to my VI at all. My account has one password for windows that shares nothing in common with my vSphere clients etc. Or did you mean another way? If so, let me know. I don't mind pleading ignorance.
steelnwool
Enthusiast
 
Posts: 30
Liked: 1 time
Joined: Fri Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald

Re: Security of the monitor

Veeam Logoby Vitaliy S. » Mon Apr 02, 2012 9:22 pm

Good for you, as I'm using my domain account everywhere! :) So answering your first question, these accounts are stored in a secure manner like any other connection account you specify in the application. Thanks!
Vitaliy S.
Veeam Software
 
Posts: 19558
Liked: 1102 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: Security of the monitor

Veeam Logoby steelnwool » Tue Apr 03, 2012 1:31 pm

Fair enough, so I'm at the mercy of how secure I judge windows7 to be :) I'll at least activate its firewall and what not.
steelnwool
Enthusiast
 
Posts: 30
Liked: 1 time
Joined: Fri Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald


Return to Monitoring



Who is online

Users browsing this forum: No registered users and 4 guests