Real-time performance monitoring and troubleshooting
Post Reply
steelnwool
Enthusiast
Posts: 30
Liked: 1 time
Joined: Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald
Contact:

Security of the monitor

Post by steelnwool » Mar 29, 2012 7:43 pm

Its a great convenience to me that Veeam monitor stores the vsphere client passwords so I don't have to type them each time. But I'm curious how it stores them and how secure I should consider it?

It occured to me that if my win 7 management box was compromised, I'd be in all kinds of pain since someone could then very easily just delete all of my virtual machines. Yes I have backups. It would still suck :)

Vitaliy S.
Product Manager
Posts: 22773
Liked: 1526 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: Security of the monitor

Post by Vitaliy S. » Mar 30, 2012 8:34 am

Hi Jeff,

All your passwords are encrypted and stored in our database, so there is no reason to worry about that. As to your concern regarding a possibility of stealing account information for your VI, then please be aware that vSphere Client (in Monitor) functionality is available only for the users that belong to Veeam Monitoring Trusted group, so if you keep your account info in secret, there is little chance of such scenario.

Thanks!

steelnwool
Enthusiast
Posts: 30
Liked: 1 time
Joined: Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald
Contact:

Re: Security of the monitor

Post by steelnwool » Mar 30, 2012 12:01 pm

Except I'm putting all of my eggs within the security of Windows 7.. I guess that is what worries me. Granted its behind a VPN, it needs a password and I only access it with RDP...

Regarding the encryption.. I'm not an expert but "technically" if someone had the source of Veeam Monitor they could decrypt the passwords right? I do agree this is a very low risk/unlikely situation but is 'technically possible' right? (academic discussion here... I'm not actually worried about this)

Vitaliy S.
Product Manager
Posts: 22773
Liked: 1526 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: Security of the monitor

Post by Vitaliy S. » Mar 31, 2012 12:14 pm

Just to be on the same page, if your Windows 7 box gets compromised, then why would anyone need our Monitor to access your VI? Why not to use your account for that? ;)

steelnwool
Enthusiast
Posts: 30
Liked: 1 time
Joined: Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald
Contact:

Re: Security of the monitor

Post by steelnwool » Apr 02, 2012 5:19 pm

Because my windows account isn't tied to my VI at all. My account has one password for windows that shares nothing in common with my vSphere clients etc. Or did you mean another way? If so, let me know. I don't mind pleading ignorance.

Vitaliy S.
Product Manager
Posts: 22773
Liked: 1526 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: Security of the monitor

Post by Vitaliy S. » Apr 02, 2012 9:22 pm

Good for you, as I'm using my domain account everywhere! :) So answering your first question, these accounts are stored in a secure manner like any other connection account you specify in the application. Thanks!

steelnwool
Enthusiast
Posts: 30
Liked: 1 time
Joined: Sep 03, 2010 4:44 pm
Full Name: Jeff MacDonald
Contact:

Re: Security of the monitor

Post by steelnwool » Apr 03, 2012 1:31 pm

Fair enough, so I'm at the mercy of how secure I judge windows7 to be :) I'll at least activate its firewall and what not.

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests