VMware!SDDC!Product! Applicability!Guide!for!CJIS! v5.2!
|
|
- Gervase Bell
- 8 years ago
- Views:
Transcription
1 VMwareSDDCProduct ApplicabilityGuideforCJIS v5.2 August2014 v1.0 Product Guide This is the first document in the Compliance Reference Architecture for CJIS. You can find more information on the Framework and download the additional documents from the CJIS Compliance Resources TAB on VMware Solution Exchange here. Applicability
2 Table(of(Contents( EXECUTIVE(SUMMARY(...(5( INTRODUCTION(...(9( OVERVIEW(OF(THE(CJIS(SECURITY(POLICY(AS(IT(APPLIES(TO(CLOUD/VIRTUAL(ENVIRONMENTS(...(12( CLOUD(COMPUTING(AND(VIRTUAL(ENVIRONMENTS(...(14( WHERE(TO(START(J(CONSIDERATIONS(FOR(SYSTEM(OWNERS,(IT(AND(ASSESSORS(...(16( LAWENFORCEMENTCONSIDERATIONS...16 ITCONSIDERATIONS...16 ASSESSMENTCONSIDERATIONS...17 GUIDANCE(FROM(CJIS(SECURITY(POLICY(...(18( VMWARE(TECHNOLOGIES(AND(CJIS(...(22( VMWARE(CJIS(REQUIREMENTS(MATRIX((OVERVIEW)(...(23( CJIS(REQUIREMENTS(MATRIX((BY(VMWARE(SUITE)(...(25( VCLOUDINFRASTRUCTURE...25 VCLOUDNETWORKINGANDSECURITY...29 NSX...33 OPERATIONSMANAGEMENT...38 CJIS(SECURITY(POLICY(...(43( GLOSSARY(OF(TERMS(...(87( ACKNOWLEDGEMENTS(...(89( ABOUTCOALFIRE...89( FIGURE(1:(CJIS(PROGRAM(STRUCTURE(...(9( FIGURE(2:(CJIS(REQUIREMENTS(AND(VMWARE(...(10( FIGURE(3:(VMWARE(+(PARTNER(PRODUCT(CAPABILITIES(FOR(A(TRUSTED(CLOUD(...(11( FIGURE(4:(VIRTUALIZATION(RISK(MITIGATION(...(12( FIGURE(5:(CLOUD(COMPUTING(...(14( FIGURE(6:(VMWARE(SOFTWARE(DEFINED(DATA(CENTER(PRODUCTS(AND(SUITES(...(22( FIGURE(7:(CJIS(SECURITY(REQUIREMENTS(AND(VMWARE(...(23( ( TABLE(1:(HIGHJLEVEL(CJIS(POLICY(AREA(MAPPING(...(7( TABLE(2:(CJIS(REQUIREMENTS(...(24( TABLE(3:(APPLICABILITY(OF(CJIS(CONTROLS(TO(VCLOUD(INFRASTRUCTURE(...(25( TABLE(4:(APPLICABILITY(OF(CJIS(CONTROLS(TO(VCLOUD(NETWORKING(AND(SECURITY(...(29( TABLE(5:(CJIS(CONTROLS(APPLICABILITY(MATRIX(NEED(MORE(SERVICE(COMPOSER(...(34( TABLE(6:(CJIS(CONTROLS(APPLICABILITY(MATRIX(...(39( (
3 Revision(History( ( DATE( REV( AUTHOR( COMMENTS( REVIEWERS( August14, NoahWeisberger InitiallyCreated InternalSME,VMware July MaryBethAngin Updates Compliance&CyberRisk Team Design(Subject(Matter(Experts( Thefollowingpeopleprovidedkeyinputintothisdesign. NAME( (ADDRESS( ROLE/COMMENTS( NoahWeisberger noah.weisberger@coalfire.com( Director Cloud,Virtualization&MobilePractice,Coalfire SatnamPurewal satnam.purewal@coalfire.com( Associate,Coalfire Trademarks( TheVMwareproductsandsolutionsdiscussedinthisdocumentareprotectedbyU.S.andinternationalcopyright andintellectualpropertylaws.vmwareproductsarecoveredbyoneormorepatentslistedat Statesand/orotherjurisdictions.Allothermarksandnamesmentionedhereinmaybetrademarksoftheir companies. SOLUTION(AREA( VMware(vCloud ( Infrastructure VMware(vCloud (Networking( and(security VMware(NSX VMware(vRealize ( Operations (((formerly( vcenter) KEY(PRODUCTS( VMwareESXi,VMwarevSphere,VMwarevShieldEndpoint,VMware vrealizeserver andvmwarevclouddirector VMwarevCloud NetworkingandSecurityApp,VMwarevCloud NetworkingandSecurityDataSecurity,VMwarevCloud Networkingand SecurityEdgeGateway,VMwarevCloud NetworkingandSecurity Manager VMwareNSXEdge,NSXFirewall,NSXRouter,NSXLoadBalancer,NSX ServiceComposer VMwarevRealize OperationsManager,VMwarevRealize Configuration Manager,VMwarevRealize InfrastructureNavigator,VMwarevRealize Orchestrator,VMwarevCenter UpdateManager,VMwarevRealize AutomationCenter,VMwarevRealize LogInsight VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 3 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
4 * * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 4 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
5 VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 5 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective* Executive(Summary( VMware,theleaderincloudcomputingsoftwareforenterprises,recognizesthetremendousopportunitythat CriminalJusticeInformationServices(CJIS)provideslawenforcementandintelligenceagencieswishingtoleverage VMwaresolutionsfortheirapplications,includingefficiencies,costsavings,cyberdriskmanagement,and compliance.vmwarehasdevelopedareferencearchitectureframework(raf)thatprovidesaconsistentwayfor VMware,itspartners,andorganizationstoassessandevaluatetheimpactofregulationsonvirtualandcloud environments.mostorganizationsbeginthecomplianceprocessbymappingthemandatedrequirementstotheir specificorganizationalneeds.thisisusuallyadifficulttaskthatcanutilizesignificantamountoftimeand resources.tostreamlinetheprocess,vmwarehasestablishedasingleholisticapproachthatcanbeusedto evaluatethevmwareenvironment,partnersolutions,andendusertools. OrganizationscansignificantlyreducethecomplexityandcostofCJISPolicycompliancebyreplacingtraditional nondintegratedsolutionswithintegratedsolutions.vmwarehasmappeditsproductsuitestospecificcjiscontrols whichaddresstheissuesofcomplianceforcjis.asmostorganizationsknow,thereisnosingleproductthatcan meetallofanorganization sneeds.toaddressthisgap,vmware,togetherwiththevmwarepartnerecosystem deliverscompliancedorientedsolutions,enablingcjiscompliancebyautomatingthedeployment,provisioningand operationofregulatedenvironments.vmwareprovidesthesolutionreferencearchitecture,cjisspecificguidance andsoftwaresolutionsthatbusinessesrequiretoachievecontinuouscompliance,alongwithbreakthroughspeed, efficiencyandagilityfortheirdeployments.thesesolutionsdirectlyaddressagencyneedsfor: * Costandinfrastructureefficiency * Simplifiedmanagementandreporting * Infrastructuretransparency * EffectiveCyberdRiskManagement * Abilitytoenableandmaintainasecureandcompliantenvironment TheVMwareComplianceRAF(ReferenceArchitectureFramework)providesaprogrammaticapproachtomap VMwareandpartnerproductstoregulatorycontrols,fromanindependentauditorperspective.Theresultis valuableguidancethatincorporatesbestpractices,design,configurationanddeploymentguidancewith independentauditoroversightandvalidation. VMwarerecognizesthatsecurityandcompliancearecriticalareasthatmustbeaddressedbyallorganizations accessingcriminaljusticeinformation(cji).bystandardizinganapproachtocomplianceandexpandingthe approachtoincludepartners,vmwareprovidescustomersaprovensolutionthatmorefullyaddressestheir complianceneeds.thisapproachprovidesmanagement,itarchitects,administrators,andauditorsahighdegree oftransparencyintorisks,solutions,andmitigationstrategiesformovingcriticalapplicationstothecloudina secureandcompliantmanner.thisisespeciallyimportantwhenthepenaltiesfornoncomplianceareextremely highduetothesensitivityofcji.failingtocomplywiththecjismandatedrequirementscouldmeanrevocationof accessorfines. Complianceisdefinedasasetofrequirementsnecessarytomeetasetofminimumcontrols,establishedbythe regulatorygroup.compliancewithallapplicablecontrolscanbechallengingwhenbalancedwiththefactthat criminaljusticeinformationneedstobeavailable24/7inorderforlawenforcement,nationalsecurity,andthe intelligencecommunitypartnerstoprotecttheunitedstateswhilepreservingcivilliberties.thefederalbureauof Investigation(FBI)establishedtheCriminalJusticeInformationServices(CJIS)Divisionin1992tomeetthis
6 challenge.today,cjisisfbi slargestdivisionandprocessesmillionsoftransactionsonadailybasis,withresponse timesrangingfromminutestoseconds. 1 TheCJISDivisionisresponsibleformanyinformationtechnologydbased systemslikethenationalcrimeinformationcenter(ncic),nationalinstantcriminalbackgroundchecksystem (NICS),InterstateIdentificationIndex(III),NationalDataExchange(NdDEx),UniformCrimeReporting(UCR) Program,andtheNextGenerationIdentification(NGI).Thesesystemsprovidestate,local,andfederallaw enforcementandcriminaljusticeagencieswithtimelyandsecureaccesstocritical,personalinformationsuchas fingerprintrecords,criminalhistories,andsexoffenderregistrations. CJISsystemsareaccessedbyCriminalJusticeAgencies(CJA)andNoncriminalJusticeAgencies(NCJA).PertheCJIS Policy,aCJAisacourtorgovernmentalagencythatallocatesbudgettotheadministrationofcriminaljusticeand performstheadministrationofcriminaljusticepursuanttoastatuteorexecutiveorder.examplesofcjas: * * * Policeagencies Correctionalinstitutions PublicdefenderDivisions Inmanycases,theseCJA sarelookingtoleveragethecostsavingsandefficiencieswhichvirtualizationprovides, whileprovidingandmanagingrealdtimeaccesstocriminaljusticeinformation.anexampleofthiswouldbethe patrolofficerneedingtoperformacriminalinformationlookuporopenwarrantsearchfromhispatrolvehicle, leveragingavirtualdesktopenvironmenttokeepallcjicontainedwithinthedatacenter/cloudenvironment. AnNCJAisdefinedasanentitythatprovidesservicesoraccesstocriminaljusticeinformation,suchascivil fingerprintdbasedbackgroundchecks,forpurposesotherthantheadministrationofcriminaljustice.ncja scanbe eitherpublicorprivateentities,andmainlyusecjiforhiring,licensing,andscreeningpurposes.thefollowing organizationsareexamplesoftypicalncjas: * PrivateBackgroundCheckServiceProviders * Licensingdivisions * Schools * Healthcareadministrations JustaswithCJA s,ncja salsohaverequirementsforefficienciesandeffectiveresourcemanagement,whichcan begreatlyenabledbythevmwarevirtualizedinfrastructuremodel,whilemaintainingcompliancewiththecjis programinordertoaccesscjiorchri.anexampleofthiswouldbeaserviceproviderthatwishestoprovide criminalbackgroundcheckservicestootherorganizationsusingawebportal,andwishestovirtualizetheir backenddatacenterinfrastructure. WiththehighvolumeoftransactionsprocesseddailybytheCJISdatabases,itisessentialthatallaccessis authorizedforcriticalandsensitiveinformationatcjis.forthisreason,thereisaneedforapolicytogovern accesstothecjisdatabase. TheCJISPolicywasenactedtofillthisvoid.Thepremiseistoprovideappropriatecontrolstoprotectthefull lifecycleofcriminaljusticeinformation(cji),whetheratrestorintransitbydefiningtheminimumrequirements forthecreation,viewing,modification,transmission,dissemination,storage,anddestructionofcjidata.cjirefers 1 (2013(CJIS(Annual(Report( VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 6 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
7 toalldataprovidedforlawenforcementandcivilagenciestoperformtheirmissions,includingbiometric,identity history,biographic,property,andcase/incidentdata.theintentisprotectingcjiuntilitisreleasedtothepublicvia authorizeddisseminationoritispurgedordestroyedinaccordancewithapplicablerecordretentionrules. VMwareispreparedtohelpagenciescomplywiththemandatedrequirementsthroughtheuseofVMware ProductsandSuites.Also,VMware'stechnologypartners'solutionswithintheVMwareComplianceSolution Frameworkmaybeusedtoprovideadditionalcapabilitiesandmoreeffectivelymanagetheprocessofachieving& maintainingcjiscompliancewiththegreatestsecurity,agilityandcostsavings ForthesereasonsVMwarehasenlisteditsAuditPartnerstoengageinaprogrammaticapproachtoevaluate VMwareproductsandsolutionsforCJIScontrolcapabilitiesandthentodocumentthesecapabilitiesintoasetof referencearchitecturedocuments.thefirstofthesedocumentsinthecjisreferencearchitecturesolutionsetis thisdocument,thevmwarecjisproductapplicabilityguide,whichcontainsamappingofthevmwareproducts andfeaturesthatshouldbeconsideredforachievingcjiscompliance.subsequentdocumentsinthisserieswill includethevmwarecjisarchitecturedesignguide,andthevmwarecjislabvalidatedreferencearchitecture. FormoreinformationonthesedocumentsandthegeneralapproachtocomplianceissuespleasereviewVMware's( Approach(to(Compliance. ThisdocumentpresentsdifferentVMwareapplicationsavailabletoorganizationsthatuse(orareconsidering using)virtualizationandcloudtosupportacjiscompliantenvironment.tothatend,coalfirehighlightedthe specificcjisrequirementsthattheseapplicationsaddress,orwhichshouldbeconsideredinanevaluationofthe initialsourcingoftechnologiestobuildacjiscompliantenvironment. Thefollowingtablerepresents atdadglance thehighdlevelapplicabilitymappingforthevmwareproducts includedinthisanalysis,indexedtothe12cjistopdlevelcontrolgroups,andpresentedingreaterdetailbelow. Table(1:(HighJlevel(CJIS(Policy(Area(Mapping( * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 7 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
8 ThecontrolsselectedforthispaperarefromCJISversion5.2.Ithasbeenreviewedandauthoredbyourstaffof CJISauditorsinconjunctionwithVMware. ' ' VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 8 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
9 Introduction( The*CJIS*Security*Policy*integrates*presidential*directives,*federal*laws,*FBI*directives*and*the*criminal*justice* community s*apb*decisions*along*with*nationally*recognized*guidance*from*the*national*institute*of*standards*and* Technology.**The*Policy*is*presented*at*both*strategic*and*tactical*levels,*is*periodically*updated*to*reflect*the*security* requirements*of*evolving*business*models,*and*features*modular*sections*enabling*more*frequent*updates*to*address* emerging*threats*and*new*security*measures.**the*security*criteria*provided*by*the*policy*assists*agencies*with* designing*and*implementing*systems*to*meet*a*uniform*base*level*of*risk*and*security*protection*while*enabling* agencies*the*latitude*to*institute*more*stringent*security*requirements*and*controls*based*on*their*business*model* and*local*needs.** The*CJIS*Policy*applies*to*every*individual contractor,*private*entity,*noncriminal*justice*agency*representative,*or* member*of*a*criminal*justice*entity with*access*to,*or*who*operates*in*support*of,*criminal*justice*services*and* information.*the*cjis*security*policy*from*version*5.0*forward*is*publically*available*and*can*be*posted*and*shared* without*restrictions.**cjis*5.2*is*the*current*version*and*is*maintained*by*the*fbi*cjis*division*information*security* Officer*(FBI*CJIS*ISO).*** * Compliance*with*the*CJIS*Policy*mandate*was*implemented*in*a*phased*approach.**Unique*and*strong*passwords* were*step*one*with*a*deadline*to*comply*by*september*2010.*the*next*step*was*the*requirement*to*implement* Advanced*Authentication*(AA)*(i.e.*twoYfactor*or*multiYfactor*authentication).*AA*requires*an*additional*authenticator* beyond*the*login*id*and*password.**additional*authenticators*can*be*found*with*biometric*systems,*userybased*public* key*infrastructure*(pki),*smart*cards,*and*software*tokens.*many*local*law*enforcement*agencies*were*not*able*to* meet*the*original*implementation*deadline*of*february*2013,*which*resulted*in*an*extension*to*september*2013.**the* extension*still*did*not*provide*ample*time*for*most*agencies*to*comply*so*the*deadline*was*extended*again*to* September*2014.**There*is*not*likely*to*be*another*extension*and*the*penalties*for*not*complying*include*revocation*of* access,*fines*or*both.*compliance*is*determined*through*audits*once*every*three*years*by*the*cjis*audit*unit*(cau).* The*CJIS*Policy*has*a*shared*management*philosophy*with*federal,*state,*local,*and*tribal*law*enforcement.*The* following*figure*provides*a*visual*categorization*of*functions*and*roles:** Figure(1:(CJIS(Program(Structure( Per*the*Roles*and*Responsibilities*outlined*in*3.2*of*the*CJIS*Policy,*the*CJIS*System*Agencies*(CSA)*are* responsible*for*establishing*and*administering*an*information*technology*security*program*throughout*the*csa s* user*community.*for*example,*in*texas*the*department*of*public*safety*serves*as*the*csa*for*the*state*of*texas.* ' VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 9 ( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
10 The*head*of*the*CSA*will*execute*a*signed*written*user*agreement*with*the*FBI*CJIS*Division*stating*its*willingness*to* demonstrate*conformity*with*this*policy*before*accessing*and*participating*in*cjis*records*information*programs.* Each*agency*shall*allow*the*FBI*to*periodically*test*the*ability*to*penetrate*the*FBI s*network*through*the*external* network*connection*or*system.** TheCSAisresponsibleforappointingaCJISSystemsOfficer(CSO)whoisresponsiblefortheadministrationofthe CJISnetworkfortheagency.TheCSOapprovesaccesstoFBICJISsystemsandensurestheCJISDivisionoperating proceduresarefollowedbyallusersoftherespectiveservicesandinformation.althoughtheroleofcsocannot beoutsourcedaccordingtothecjispolicy,theresponsibilitiescanbedelegatedtosubordinateagencies.eachcsa isrequiredtoauditlocalagencieseverythreeyearstoensurecompliancebycjasandncjas. Complianceandsecurityaretopconcernsforlawenforcementandintelligenceagenciesworkingtomeetthe requirementsoutlinedinthecjispolicy.vmwarehelpsagenciesaddressthesechallengesbyprovidingbundled solutions(suites)thataredesignedforspecificusecases.theseusecasesaddressquestionslike HowcanIbe CJIScompliantinaVMwaresupportedenvironment? byprovidinghelpfulinformationforvmwarearchitects,the compliancecommunity,andthirdparties.whileeverycompliancesolutionisunique,vmwarecanprovidea solutionthataddressesapproximately56%ofcjistechnicalcontrolsrequiredforcompliance.figure2below showstheproportionoftechnicalrequirementsaddressedbyvmwareinrelationtothetotalnumberof requirementsthatarenondtechnicalororganizationalresponsibility. Figure(2:(CJIS(Requirements(and(VMware( CJISRequirements OrganizationResponsibilityd NonTechnical VMWareTechnicalProducts ( ( * ' VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 10( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
11 Figure'3:'VMware'+'Partner'Product'Capabilities'for'a'Trusted'Cloud' Due*to*the*common*capabilities*of*the*VMware*products*and*features*across*all*of*the*CJI*Use*Cases,*understanding* the*relationship*of*these*products*and*features*to*the*twelve*cjis*control*areas*is*fundamental*and*most*broadly* accommodated*in*this*document*with*more*use*case*specific*guidance,*which*will*be*represented*in*the*forthcoming* Architecture*Design*Guide.*RegardlessoftheUseCaseoroperatingenvironmentmodel,theCJIScontrolareas representabroaddbased,balanced,informationsecurityprogramthataddressesthemanagement,operational, andtechnicalaspectsofprotectingfederalinformationandinformationsystems.themanagement,operational, andtechnicalcontrols(i.e.,safeguardsorcountermeasures)areprescribedforaninformationsysteminorderto protecttheconfidentiality,integrity,andavailabilityofthesystemanditsinformation.theoperationalsecurity controlsareimplementedandexecutedprimarilybypeople(asopposedtosystems).themanagementcontrols focusonthemanagementofriskandthemanagementofinformationsystemsecurity.thetechnicalsecurity controlsareimplementedandexecutedprimarilybytheinformationsystemthroughmechanismscontainedinthe hardware,software,orfirmwarecomponentsofthesystem. Acomprehensiveassessmentofthemanagement,operationalandtechnicalcontrolsthathavebeenselectedfor the informationsystem isrequiredaspartoftheauthorizationprocess.thisassessmentmustdeterminethe extenttowhichallselectedcontrolsareimplementedcorrectly,operatingasintended,andproducingdesired outcomeswithrespecttomeetingthesecurityrequirementsforthesystem.anunderstandingofcjiscontrolsas implementedwithvmwarelendsitselftonotonlyharmonizingtheongoingcomplianceoftheprivatecloud environmentbutalsothesharedresponsibilityforcomplianceinthepubliccloudenvironment.thiscommonset ofwelldunderstoodpoliciesandproceduresimplementedinacommonvmwaresoftwaredefineddatacenter architecturesacrossprivateandpubliccloudenablesnotonlythehybridcloudtobecomerealitybutopensup tremendousopportunitiesfortightercontrolandagility. * ' * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 11( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
12 Overview(of(the(CJIS(Security(Policy(as(it(Applies(to(Cloud/Virtual( Environments( Complianceandsecurityaretopconcernsforlawenforcementandintelligenceagenciesworkingtomeetthe requirementsoutlinedinthecjispolicy.failingtocomplywiththerequirementsofthepolicycouldresultinloss ofaccessthatiscriticaltoperformdailydutiesineffectiveandefficientmanner.itcouldalsoimpactthesafetyof thepublictheyaretryingtoprotect.failingtocomplycouldmeanheavyfinesthatcouldputastrainonalready limitedbudgets.vmwarehasmappedproductsuitestocjisrequirementswhichreducesthetimeandresources requiredtoevaluatedifferentsolutions. VariousstateshavecontactedtheFBICJISISOtorequestguidanceoncomplianceinvirtualenvironments.TheCJIS Divisionunderstandthebenefitsofvirtualizationbutalsorequiresafoundationofsecurityprotectionmeasures.In AppendixGoftheCJISPolicy,thebenefitsandvulnerabilitiesareidentifiedandsoarethemitigatingfactors: (Figure(4:(Virtualization(Risk(Mitigation( BENEFITS( VULNERABILITIES( MITIGATIONS( * Makebetteruseofunderd utilizedserversby consolidatingtofewer machinessavingon hardware,environmental costs,management,and administrationoftheserver infrastructure. * Legacyapplicationsunableto runonnewerhardware and/oroperatingsystemscan beloadedintoavirtual environment replicatingthe legacyenvironment. * Providesforisolatedportions ofaserverwheretrustedand untrustedapplicationscanbe ransimultaneously enabling hotstandbysforfailover. * Enablesexistingoperating systemstorunonshared memorymultiprocessors. * Systemmigration,backup, andrecoveryareeasierand moremanageable. * HostDependent. * Ifthehostmachinehasaproblem thenallvmscouldpotentially terminate. * Compromiseofthehostmakesit possibletotakedowntheclient servershostedontheprimary hostmachine. * Ifthevirtualnetworkis compromisedthentheclientis alsocompromised. * Clientshareandhostsharecanbe exploitedonbothinstances. Potentiallythiscanleadtofiles beingcopiedtothesharethatfill upthedrive. * * Environmentandaccesstothe physicalenvironment. * Configurationandpatch managementofthevirtual machineandhost,i.e.keep operatingsystemsand applicationpatchesuptodate onbothvirtualmachinesand hosts. * Installtheminimum applicationsneededonhost machines. * Practiceisolationfromhost andvirtualmachine. * Installandkeepupdated antivirusonvirtualmachines andthehost. * Segregationofadministrative dutiesforhostandversions. * Auditloggingaswellas exportingandstoringthelogs outsidethevirtual environment. * Encryptingnetworktraffic betweenthevirtualmachine andhostidsandips VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 12( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
13 monitoring. * Firewalleachvirtualmachine fromeachotherandensure thatonlyallowedprotocols willtransact. * * Not*every*consumer*of*FBI*CJI*services*will*encounter*all*of*the*policy*areas*therefore*the*circumstances*of* applicability*are*based*on*individual*agency/entity*configuration*and*usage.*there*are*116*requirements*mandated*in* the*policy*of*which*72*will*be*the*responsibility*of*the*individual*agency/entity.**the*remaining*44*can*be*met*through* a*combination*of*vmware*and*the*individual*agency/entity s*controls.*** CJIScompliancewassetinamandatereleasedbytheFBIonJanuary1,2011.Thecurrentversion5.2wasreleased onaugust9,2013.ithasbeenapprovedbythecjisadvisorypolicyboard.itcanbefoundat: * * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 13( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
14 Cloud(Computing(and(Virtual(Environments( Cloudcomputingandvirtualizationhavecontinuedtogrowsignificantlyeveryyear.Thereisarushtomove applicationsandevenwholedatacenterstothe cloud,althoughfewpeoplecansuccinctlydefinetheterm cloud computing. Thereareavarietyofdifferentframeworksavailabletodefinethecloud,andtheirdefinitionsare importantastheyserveasthebasisformakingbusiness,security,andauditdeterminations.vmwaredefines cloudorutilitycomputingasthefollowing( cloud/faqs.html): Cloud'computing'is'an'approach'to'computing'that'leverages'the'efficient'pooling'of'on6demand,' self6managed'virtual'infrastructure,'consumed'as'a'service.'sometimes'known'as'utility' computing,'clouds'provide'a'set'of'typically'virtualized'computers'which'can'provide'users'with'the' ability'to'start'and'stop'servers'or'use'compute'cycles'only'when'needed,'often'paying'only'upon' usage.. ' Figure(5:(Cloud(Computing( Therearecommonlyaccepteddefinitionsforthecloudcomputingdeploymentmodelsandthereareseveral generallyacceptedservicemodels.thesedefinitionsarelistedbelow: ( * Private(Cloud Thecloudinfrastructureisoperatedsolelyforanorganizationandmaybemanagedbythe organizationorathirdparty.thecloudinfrastructuremaybeonpremiseoroffdpremise. VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 14( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
15 VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 15( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective* * Public(Cloud Thecloudinfrastructureismadeavailabletothegeneralpublicortoalargeindustrygroupand isownedbyanorganizationthatsellscloudservices. * Hybrid(Cloud Thecloudinfrastructureisacompositionoftwoormoreclouds(privateandpublic)that remainuniqueentities,butareboundtogetherbystandardizedtechnology.thisenablesdataandapplication portability;forexample,cloudburstingforloadbalancingbetweenclouds.withahybridcloud,an organizationcangetthebestofbothworlds,gainingtheabilitytoburstintothepubliccloudwhenneeded whilemaintainingcriticalassetsonpremise. * Community(Cloud Thecloudinfrastructureissharedbyseveralorganizationsandsupportsaspecific communitythathassharedconcerns(forexample,mission,securityrequirements,policy,andcompliance considerations).itmaybemanagedbytheorganizationsorathirdparty,andmayexistonpremiseoroff premise. Whenanorganizationisconsideringthepotentialimpactofcloudcomputingtoitshighlyregulatedandcritical applications,itmaywanttostartbyasking: * Isthearchitectureatruecloudenvironment(doesitmeetthedefinitionofcloud)? * WhatservicemodelisusedfortheCJISdataenvironment(SaaS,PaaS,IaaS)? * Whatdeploymentmodelwillbeadopted? * Isthecloudplatformatrustedplatform? The*last*point*is*critical*when*considering*moving*highly*regulated*applications*to*a*cloud*platform.*CJIS*does*not* endorse*or*prohibit*any*specific*service*and*deployment*model,*and*the*appropriate*choice*of*service*and* deployment*models*will*be*driven*by*customer*requirementsa*among*which*the*concept*of*leveraging*a*trusted* platform*for*the*cloudybased*solution*is*a*consideration*which*ideally,*will*be*taken*into*account.* * VMware*is*the*market*leader*in*virtualization,*the*key*enabling*technology*for*cloud*computing.**VMware s*vcloud* Suite*is*the*trusted*cloud*platform*that*customers*use*to*realize*the*many*benefits*of*cloud*computing*including*safely* deploying*business*critical*applications.** Togetstarted,VMwarerecommendsthatallnewcustomersundertakeacomplianceassessmentoftheircurrent environment.vmwareoffersfreecompliancecheckersthatarebasedonvmware svrealizeconfiguration Managersolutions.Customerscansimplypointthecheckeratatargetenvironmentandexecuteacompliance assessmentrequest.theresultantcompliancereportprovidesadetailed rulebyrule indicationofpassorfailure againstagivenstandard.where*compliance*problems*are*identified,*customers*are*directed*to*a*detailed*knowledge* base*for*an*explanation*of*the*problem*posed*by*a*particular*rule*and*information*about*potential*remediation.*to downloadthefreecompliancecheckersclickonthefollowinglink: TolearnmoreaboutVMware sapproachtocloudcomputing,reviewthefollowing: * VMware(Cloud(Computing(Overview( * (VMware s(vcloud(architecture(toolkit(( * IfyouareanorganizationorpartnerthatisinterestedinmoreinformationontheVMwareComplianceProgram, please usatcompliancejsolutions@vmware.com.
16 Where(to(Start(J(Considerations(for(System(Owners,(IT(and(Assessors( Migrating*a*traditional*IT*infrastructure*to*a*virtual*or*cloud*environment*has*a*significant*impact*on*an*organization* that*extends*beyond*information*technology.***security*and*compliance*continue*to*remain*top*concerns*for* management,*it*departments,*and*auditors.**all*three*functions*should*be*represented*and*engaged*to*consider* carefully*the*benefits*and*risks*of*any*it*virtualization*or*cloud*projects.*the*move*to*cloud*and*virtual*environments* has*many*technical*considerations,*but*it*should*also*be*a*business*decision.**organizations*should*review*the* benefits*and*risks*of*their*current*environment*and*compare*them*to*the*different*cloud*deployment*models*and* service*models.( Thefollowingquestionsmaybeimportantwhenconsideringthepotentialbusinessimpact,benefits,andrisksofavirtual and/orcloudenvironment. Law(Enforcement(Considerations( 1.* WhenwasthelasttimeyouhadaCJISaudit?Whoconductedit?Didyoupass?Whenisyournextaudit? 2.* Howdoyouseparateapplicationsthathold/handleCJI(CriminalJusticeInformation)fromthosethatdon't? 3.* Howdoyouhandletheprocessingofpaymentsforcitations? 4.* Whatarethemissioncriticalapplicationsyouruninthefieldanddispatchcenters?(CAD(ComputerAided Dispatch),RMS(RecordsManagementService),AVL(AutomaticVehicleLocator),VideoRecordingDevice,LPR (LicensePlateReader) 5.* HowdoyouensureyoumaintaincontinuouscompliancewiththeCJISrequirements? 6.* Howmanyserversinyourdatacenter?VM's?Howaretheyconnected? 7.* AreyouusingAdvancedAuthenticationtoday?Ifso,whatareyouusing? 8.* WhatCADsoftwaredoyouuse?Howoftendoyouupdateit?Whatversionareyouusingnow? 9.* WhatRMSsoftwaredoyouuse?Howoftendoyouupdateit?Whatversionareyouusingnow? 10.* DoyoumaintainaconnectiontoaStateAuthorityortoaRegionalAuthorityforNCICdata? 11.* Whatdoyouknowaboutasoftwaredefinedenterprise? 12.* Howmanypatrolvehiclesinyourfleet? 13.* DoeseveryvehiclehaveaMDT/MCT(MobileDataTerminal/MobileComputerTerminal)? 14.* Whattypeofdevicesandoperatingsystemdoyouuseinyourpatrolcar? 15.* Howdoyoumanagetheendpointdevicesinthepatrolvehicles? 16.* Howdoyoumaintainnetworkcommunicationswhenvehiclesareinthefleet? 17.* Aretheredisconnects?Ifso,whathappensduringthedisconnect? 18.* Dotheyneedtostayconnectedthroughouttheday? 19.* Areyouusingcellularforconnectivity?(Somebigcitiesarestillusingradiowithlessthan19.2kbps connections) 20.* AreyouusinganAPNserviceorDataLinkfromyourcarrier? 21.* DoyouuseaVPNtoday?Ifso,whatkind? 22.* Haveyouconsolidated911services?Ifso,how? 23.* Haveyouconsolidateddispatchservices?Ifso,how? 24.* Howmanydispatchers/dispatchlocations? 25.* Howmanyadministrativestaff? 26.* HowmanyITstaff? 27.* Howdoyoumaintainconnectivitytodispatchcentersduringadisaster? 28.* Whatdisasterplanninghaveyoucompletedtoprotectthedispatchcenters? 29.* Whatdoyouseeastheshortdcomingsofyourcurrentmobileenvironment? 30.* Howdoyouthinkyourofficerswouldanswerthatquestion? IT(Considerations( 1.* HowdoestheITOperationsplanaddressthecompany sstrategicandoperationalgoals? VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 16( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
17 2.* Whatmanualprocessesareinplacethatcanbeautomated? 3.* WhataretheskillsandcapabilitiesoftheITDepartment? 4.* Havetherebeenanypreviousattemptstovirtualizeoroutsourcecriticaloperations? 5.* WhichITinitiativescurrentlyunderwaycouldimpacttheCJISsystemboundary? 6.* Howisencryptioncurrentlyusedtolimitrisk? 7.* Howissensitivedatacurrentlyclassified(i.e.,doyouknowwhereallyourdataresides)? 8.* AretheresecondarysystemsthatmighthaveCJIdata? 9.* HowhassecurityandcomplianceaffectedITOperations? VMwareJSpecific(Assessment(Considerations( 1.* WhatcertificationsdoesyourteamhaveinVMwareproductsorsolutions? 2.* Areyouworkingwithanauditpartnertohelpassessandmanagerisk&complianceconsiderations? 3.* HowmanyindividualsthatarepartoftheassessmentteamhaveexperiencewithVMware? 4.* HowlonghavetheybeenworkingwithVMwarearchitectures? 5.* Whatreferencesdotheyhaveforconductingsimilarassessments? * * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 17( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
18 Guidance(from(CJIS(Security(Policy( VMwarehasidentifiedthecontrolsintheCJISSecurityPolicythathighlightsomeofthecriticalrequirementsand guidancethatindividualagencies/entitiesarerequiredtoaddressaspartoftheirdeployments.vmwarehasalso providedinformationregardinghowvmwaretoolsaredesignedtohelporganizationsaddressthesecontrols. TheCJISSecurityPolicyisdividedinto12policyareas.Eachpolicyareaprovidesbothstrategicreasoningand tacticalimplementationrequirementsandstandards.componentapplicabilityalignmentwithineachpolicyarea helpagenciesrelatethepolicytotheirownagencycircumstances. Policy(Area(1requiresformalagreementstobeinplacepriortotheexchangeofanyCJI.Italsorequiresthe establishmentofproceduresforhandlingandstorageofinformationsoitisprotectedfromunauthorized disclosure,alterationormisuse.thecsaheadisrequiredtosignawrittenuseragreementwiththefbicjis Divisionstatingtheirwillingnesstodemonstrateconformitywiththepolicybeforeaccessingandparticipatingin CJISrecordsinformationprograms. Policy(Area(2requiresbasicsecurityawarenesstrainingwithinsixmonthsofinitialassignment,andbiennially thereafterforallpersonnelwhohaveaccesstocji.itdetailstherequiredsecuritytrainingbasedontypeofaccess. Policy(Area(3requiresCSAstoestablishanoperationalincidenthandlingcapabilityforagencyinformationsystems thatincludesadequatepreparation,detection,analysis,containment,recovery,anduserresponseactivitiesas wellastrack,document,andreportincidentstoappropriateagencyofficialsand/orauthorities.csaiso sto ensurelasosinstitutethecsaincidentresponsereportingproceduresatthelocallevel. Policy(Area(4requiresagenciestoimplementauditandaccountabilitycontrolstoincreasetheprobabilityof authorizedusersconformingtoaprescribedpatternofbehavior. Policy(Area(5requiresanagencytocreate,modify,disable,anddeleteaccountsonatimelybasis.Agenciesare requiredtovalidateaccountsatleastannually. Policy(Area(6requiresagenciestoidentifysystemusersandprocessesactingonbehalfofusersandauthenticate theidentitiesofthoseusersorprocessesasaprerequisitetoallowingaccesstoagencyinformationsystemsor services. Policy(Area(7requiresonlyqualifiedandauthorizedindividualshaveaccesstoinformationsystemcomponentsfor purposesofinitiatingchanges,includingupgrades,andmodifications. Policy(Area(8requiresmediaprotectionpolicyandproceduresaredocumentedandimplementedtoensurethat accesstoelectronicandphysicalmediainallformsisrestrictedtoauthorizedindividuals. Policy(Area(9requiresthedocumentationandimplementationofphysicalprotectionpolicyandproceduresto ensurecjiandinformationsystemhardware,software,andmediaarephysicallyprotectedthroughaccesscontrol measures. Policy(Area(10requiresapplicationsandservicestohavethecapabilitytoensuresystemintegritythroughthe detectionandprotectionagainstunauthorizedchangestosoftwareandinformation Policy(Area(11requiresformalauditstobeconductedtoensurecompliancewithapplicablestatues,regulations, andpolicies. VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 18( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
19 Policy(Area(12definesrequiresforallpersonnelwhohaveaccesstounencryptedCJI.Thefollowingtable summarizesthecjisrequirementsthatcanbemetwiththevmwaresuiteofproducts. * Table(2:(CJIS(Control(Applicability(Mapping( CJIS' Policy' Requirement' Addressed'by'VMware' 5.1' Policy'Area'1:'Information'Exchange'Agreements* * 5.1.1' Information*Exchange* Yes* ' Information*Handling* Yes* ' State*and*Federal*Agency*User*Agreements* No* ' Criminal*Justice*Agency*User*Agreements* No* ' Interagency*and*Management*Control*Agreements* No* ' Private*Contractor*User*Agreements*and*CJIS*Security* No* Addendum* ' Agency*User*Agreements* No* ' Outsourcing*Standards*for*Channelers* No* ' Outsourcing*Standards*for*NonBChannelers* No* 5.1.2' Monitoring,*Review,*and*Delivery*of*Services* No* ' Managing*Changes*to*Service*Providers* Yes* 5.1.3' Secondary*Dissemination* No* 5.1.4' Secondary*Dissemination*of*NonBCHRI*CJI* No* 5.2' Policy'Area'2:'Security'Awareness'Training* * ' All*Personnel* No* ' Personnel*with*Physical*and*Logical*Access* No* ' Personnel*with*Information*Technology*Roles* No* 5.2.2' Security*Training*Records* No* 5.3' Policy'Area'3:'Incident'Response* * 5.3.1' Reporting*Information*Security*Events* Yes* ' FBI*CJIS*Division*Responsibilities** No* ' CSA*ISO*Responsibilities* No* 5.3.2' Management*of*Information*Security*Incidents* No* ' Incident*Handling* Yes* ' Collection*of*Evidence** No* 5.3.3' Incident*Response*Training* No* 5.3.4' Incident*Monitoring* Yes* 5.4' Policy'Area'4:'Auditing'and'Accountability* * 5.4.1' Auditable*Events*and*Content*(Information*Systems)** Yes* ' Events* Yes* ' Content** Yes* 5.4.2' Response*to*Audit*Processing*Failures* Yes* 5.4.3' Audit*Monitoring,*Analysis,*and*Reporting* No* 5.4.4' Time*Stamps* Yes* VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 19( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
20 5.4.5' Protection*of*Audit*Information* Yes* 5.4.6' Audit*Record*Retention** Yes* 5.4.7' Logging*NCIC*and*III*Transactions* No* 5.5' Policy'Area'5:'Access'Control* * 5.5.1' Account*Management* Yes* 5.5.2' Access*Enforcement* Yes* ' Least*Privilege* Yes* ' System*Access*Control* Yes* ' Access*Control*Criteria* Yes* ' Access*Control*Mechanisms* Yes* 5.5.3' Unsuccessful*Login*Attempts* Yes* 5.5.4' System*Use*Notification* Yes* 5.5.5' Session*Lock* Yes* 5.5.6' Remote*Access* Yes* ' Personally*Owned*Information*Systems* No* ' Publicly*Accessible*Computers* No* 5.5.7' Wireless*Access*Restrictions* No* ' All*802.11x*Wireless*Protocols* No* ' Legacy*802.11*Protocols* No* ' Cellular*Risk*Mitigations* No* ' Voice*Transmissions*Over*Cellular*Devices* No* ' Mobile*Device*Management*(MDM)** No* ' Bluetooth* No* 5.6' Policy'Area'6:'Identification'and'Authentication* * 5.6.1' Identification*Policy*and*Procedures* Yes* ' Use*of*Originating*Agency*Identifiers*in*Transactions*and* Yes* Information*Exchanges* 5.6.2' Authentication*Policy*and*Procedures* Yes* ' Standard*Authenticators* No* ' Password* Yes* ' Advanced*Authentication*Policy*and*Rationale* Yes* ' Advanced*Authentication*Decision*Tree* No* 5.6.3' Identifier*and*Authenticator*Management* No* ' Identifier*Management* Yes* ' Authenticator*Management* Yes* 5.6.4' Assertions* No* 5.8' Policy'Area'7:'Configuration'Management' * 5.7.1' Access*Restrictions*for*Changes* No* ' Least*Functionality* Yes* ' Network*Diagram* Yes* 5.7.2' Security*of*Configuration*Documentation* No* 5.8' Policy'Area'8:'Media'Protection* * 5.8.1' Media*Storage*and*Access* No* 5.8.2' Media*Transport* No* ' Electronic*Media*in*Transit* No* VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 20( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
21 ' Physical*Media*in*Transit* No* 5.8.3' Electronic*Media*Sanitization*and*Disposal* No* 5.8.4' Disposal*of*Physical*Media* No* 5.9' Policy'Area'9:'Physical'Protection* * ' Security*Perimeter* No* ' Physical*Access*Authorizations* No* ' Physical*Access*Control* No* ' Access*Control*for*Transmission*Medium* No* ' Access*Control*for*Display*Medium* No* ' Monitoring*Physical*Access* No* ' Visitor*Control* No* ' Delivery*and*Removal* No* 5.9.2' Controlled*Area* No* 5.10' Policy'Area'10:'System'and'Communications' Protection'and'Information'Integrity* * ' Information*Flow*Enforcement* Yes* ' Boundary*Protection* Yes* ' Encryption* Yes* ' Intrusion*Detection*Tools*and*Techniques* Yes* ' Voice*over*Internet*Protocol* No* ' Cloud*Computing* Yes* ' Facsimile*Transmission*of*CJI* No* ' Partitioning* Yes* ' Virtualization* Yes* ' Patch*Management* Yes* ' Malicious*Code*Protection* Yes* ' Spam*and*Spyware*Protection* No* ' Personal*Firewall* No* ' Security*Alerts*and*Advisories* Yes* ' Information*Input*Restrictions* No* 5.11' Policy'Area'11:'Formal'Audits* * ' Triennial*Compliance*Audits*by*the*FBI*CJIS*Division* No* ' Triennial*Security*Audits*by*the*FBI*CJIS*Division* No* ' Audits*by*the*CSA* No* ' Special*Security*Inquiries*and*Audits* No* 5.12' Policy'Area'12:'Personnel'Security* * ' Minimum*Screening*Requirements*for*Individuals* No* Requiring*Access*to*CJI* ' Personnel*Screening*for*Contractors*and*Vendors* No* ' Personnel*Termination* No* ' Personnel*Transfer* No* ' Personnel*Sanctions* No* VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 21( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001' respective*
22 VMWARE(PRODUCT(APPLICABILITY(GUIDE(FOR(CJIS VMware(Technologies(and(CJIS( VMware*provides*an*extensive*portfolio*of*products*designed*to*help*organizations*support*security*and*compliance*needs.* While*every*environment*has*unique*needs,*VMware*can*provide*a*comprehensive*mix*of*solutions*with*features*that*are* designed*to*assist*with*cjis*compliance.**those*solutions *functionality,*features,*and*applicability*to*specific*cjis* requirements*are*addressed*in*detail*in*the*following*sections.* SOLUTION(AREA VMwarevCloud Infrastructure VMwarevCloud Networking andsecurity VMwareNSX VMwarevRealize Operations (formerly vcenter) KEY(PRODUCTS VMwareESXi,VMwarevSphere,VMwarevShieldEndpoint,VMware vrealizeserver andvmwarevclouddirector VMwarevCloud NetworkingandSecurityApp,VMwarevCloud Networking andsecuritydatasecurity,vmwarevcloud NetworkingandSecurityEdge Gateway,VMwarevCloud NetworkingandSecurityManager VMwareNSXEdge,NSXFirewall,NSXRouter,NSXLoadBalancer,NSXService Composer VMwarevRealize OperationsManager,VMwarevRealize Configuration Manager,VMwarevRealize InfrastructureNavigator,VMwarevRealize Orchestrator,VMwarevCenter UpdateManager,VMwarevRealize AutomationCenter,VMwarevRealize LogInsight TodeterminetheproductsandfeaturesavailablewithVMwareSuitespleaserefertoVMware.com:vCloud(Suite(5.5(( vcloud(networking(and(security(suite(5.5(,vrealize(operations(management(suite(6.0,(nsx(6.0( Figure(6:(VMware(Software(Defined(Data(Center(Products(and(Suites( ( VMWARE(PRODUCT(APPLICABILITY(GUIDE(22( ( VMware,(Inc.(3401(Hillview(Avenue(Palo(Alto(CA(94304(USA(Tel(877J486J9273(Fax(650J427J5001( Copyright 2011VMware,Inc.Allrightsreserved.ThisproductisprotectedbyU.S.andinternationalcopyrightandintellectualpropertylaws.VMwareproductsarecovered byoneormorepatentslistedathttp:// jurisdictions.allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
23 VMware(CJIS(Requirements(Matrix((Overview)( VMwarehascreatedaCJISRequirementsMatrixtoassistorganizationswithanunderstandingofVMwaresolutions, VMwarePartnersolutions(wheretheyoverlap),andtheremainingcustomerresponsibilitiesthatmustbeaddressed separatelybythecustomerthroughuseofothertoolsorprocesses.whileeverycloudisunique,vmwarebelievesthat thevastmajorityofcjissecurityrequirementscanbeaddressedthroughthevmwaresuitesand/orvmwarepartner solutions. CJIS*Policy*requires*116*controls*to*be*met*in*order*to*be*considered*compliant.**These*controls*can*be*divided*into* technical*(66)*and*nontechnical*controls*(50).**vmware*is*currently*able*to*address*44*of*the*66*technical*controls*with* VMware*products*and*partner*products.**Additionally,*there*are*6*nontechnical*control*requirement*where*VMware*can* support*and*facilitate*the*required*program*areas.* TheremaininggapsinaddressingCJISSecurityrequirementsmaybefilledbythecustomerthroughothertools(i.e. approvingcustomers policies,keepinganupdatednetworkdiagram,approvingchanges,etc.) Figure(7:(CJIS(Security(Requirements(and(VMware( CJISRequirements OrganizationResponsibilityd NonTechnical ( VMWareTechnicalProducts VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 23( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001'
24 Table(3:(CJIS(Requirements( CJIS(SECURITY(POLICY(REQUIREMENT( #(OF(CJIS(ASSESSMENT(TESTS( TESTS(ADDRESSED(IN( VMWARE'S(PRODUCTS( Information(Exchange(Agreements( 12 1 Security(Awareness(and(Training( 5 0 Incident(Response( 9 4 Auditing(and(Accountability( 10 8 Access(Control( Identification(and(Authentication( 14 8 Configuration(Management( 4 2 Media(Protection( 7 0 Physical(Protection( 10 0 System(and(Communications(Protection(and( Information(Integrity( Formal(Audits( 4 0 Personnel(Security( 5 0 TOTAL( 116( 44( * * * VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 24( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001'
25 CJIS(Requirements(Matrix((By(VMware(Suite)( vcloud(infrastructure(( ForthepurposesoftheVMwareApplicabilityGuideforCJIS,vCloudInfrastructureincludesvSphere(ESXi,vCenterServer) andvclouddirector.vsphereprovidesthefoundationofthevirtualarchitectureallowingfortheoptimizationofitassets. vclouddirectorextendsthefoundationofthevspherevirtualarchitecturebyenablingorganizationstobuildsecure clouds*and*fine*tune*for*security*and*compliance*inprivate,multidtenant,mixeddmode,andhybridclouds.asvcloud leveragesthevspherearchitecture,thevspherecomponentsintegratetocreateasinglevcloudthatcanbeoptimizedfor securityandcomplianceconsiderations.whileitencompassesmanyfeaturesforstorage,businesscontinuity,and automation;forthepurposesofthiscjisreferencearchitecture,thecriticalcomponentsthatapplytocjisforvcloud Infrastructureincludethefollowingcomponents: * * * * ESXi( ESXiisatype1hypervisor(baremetal)thatisthefundamentalbuildingblockforvirtualizingphysicalcompute resourcesforcloudcomputingmodels.esxiserversareclusteredwithinthevsphereconstruct,whichoffersmany featuressuchasloadbalancingandhighavailability.theesxikernelhasasmallfootprint,noserviceconsoleandcan limitcommunicationtovcenteraccessonly. vshield(endpoint(j(withintegrationofother3rdpartyendpointsolutions(suchasantidvirus),vshieldendpoint improvestheperformancebyoffloadingkeyantivirusandantidmalwarefunctionstoasecuredvirtualmachineand eliminatingtheantivirusagentfootprintandoverheadinvirtualmachines.( vrealize(server vcenterserverisaserver(virtualorphysical)thatprovidesunifiedmanagementfortheentire virtualinfrastructureandunlocksmanykeyvspherecapabilities.vcenterservercanmanagethousandsofvirtual machinesacrossmultiplelocationsandstreamlinesadministrationwithfeaturessuchasrapidprovisioningand automatedpolicyenforcement. vcloud(director((vcd)dvcdpoolsdatacenterresourcesincludingcompute,storageandnetwork,alongwiththeir relevantpoliciesintovirtualdatacenters.fullyencapsulated,multidtiervirtualmachineservicesaredeliveredas vapps,usingtheopenvirtualizationformat(ovf).endusersandtheirassociatedpoliciesarecapturedin organizations.withprogrammaticandpolicydbasedpoolingofinfrastructure,usersandservices,vmwarevcloud Directorenforcespolicies,whichenableCJISdatatobesecurelyprotected,andnewvirtualmachinesand applicationstobesecurelyprovisionedandmaintained. ThefollowingproductmatrixexplainswhichCJIScontrolsareapplicabletovCloudInfrastructure.Italsoexplainshow vcloudsuiteenablesuserstomeetcjisrequirements.thecontrolshighlightedinboldarethosethathavebeenselected forthecjisbaseline. Table(4:(Applicability(of(CJIS(Controls(to(vCloud(Infrastructure( POLICY(AREA( CONTROLS( ADDRESSED( CJIS(CONTROLS(APPLICABILITY(MATRIX( VCLOUD(INFRASTRUCTURE(DESCRIPTION( Information(Exchange( vrealizessosupportsintegrationwithroledbasedaccesscontrol systems,whichsupportstheagencyneedtodefineroles& responsibilitiesforinclusionininformationexchangeagreements, whicharerequiredforaccesstocjidata. Security(Awareness N/A N/A VMWARE(PRODUCT(APPLICABILITY ( GUIDE( 25( VMware,Inc.'3401'Hillview'Avenue'Palo'Alto'CA'94304'USA'Tel'877I486I9273'Fax'650I427I5001'
VMware!EUC!Product!Applicability!Guide! for!payment!card!industry!data!security! Standard!(PCI!DSS)!version!3.0!
VMware EUCProductApplicabilityGuide forpaymentcardindustrydatasecurity Standard(PCIDSS)version3.0 July2015 v1.0 TECHNICALWHITEPAPER ThisisthefirstdocumentintheComplianceReferenceArchitectureforPCI.You
More informationVMware!SDDC!Product! Applicability!Guide!for! FedRAMP,!v!1.0! February,!2014! v1.0!
VMWAREPRODUCTAVAILABILITY GUIDEFORFEDRAMP VMwareSDDCProduct ApplicabilityGuidefor FedRAMP,v1.0 February,2014 v1.0 TECHNICALGUIDE This is the first document in the Compliance Reference Architecture for
More informationVMware!Product!Applicability!Guide!for!! Payment!Card!Industry!Data!Security!Standard!
VMwareProductApplicabilityGuidefor PaymentCardIndustryDataSecurityStandard (PCIDSS)version3.0 February2014 V3.0 DESIGNDOCUMENT This is the first document in the Compliance Reference Architecture For PCI.
More informationVMware 'SDDC'Product' Applicability'Guide'for' HIPAA/HITECH,'v1.0 '
VMware SDDCProduct ApplicabilityGuidefor HIPAA/HITECH,v1.0 November2013 TECHNICALGUIDE This is the first document in the Compliance Reference Architecture for HIPAA. You can find more information on the
More informationVMware vsphere 5.5: Install, Configure, Manage Lab Addendum. Lab 4: Working with Virtual Machines
VMware vsphere 5.5: Install, Configure, Manage Lab Addendum Lab 4: Working with Virtual Machines Document Version: 2014-06-02 Copyright Network Development Group, Inc. www.netdevgroup.com NETLAB Academy
More informationPaperClip. em4 Cloud Client. Setup Guide
PaperClip em4 Cloud Client Setup Guide Copyright Information Copyright 2014, PaperClip Inc. - The PaperClip32 product name and PaperClip Logo are registered trademarks of PaperClip Inc. All brand and product
More informationvcloud Suite Licensing
vcloud Suite 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this
More informationPatch Management. Module 13. 2012 VMware Inc. All rights reserved
Patch Management Module 13 You Are Here Course Introduction Introduction to Virtualization Creating Virtual Machines VMware vcenter Server Configuring and Managing Virtual Networks Configuring and Managing
More informationUila SaaS Installation Guide
USER GUIDE Uila SaaS Installation Guide January 2016 Version 1.8.1 Company Information Uila, Inc. 2905 Stender Way, Suite 76E Santa Clara, CA 95054 USER GUIDE Copyright Uila, Inc., 2014, 15. All rights
More informationVMware Cloud Environment
VMware Cloud Environment Enterprise level virtual datacentre: providing highly redundant, fast and scalable solutions. An eukhost Technical White Paper. Page 1 Introduction... 3 Traditional physical solutions...
More informationvcenter Support Assistant User's Guide
vcenter Support Assistant 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More information1. VMware is part technology and part sales and marketing genius. As a result of their marketing efforts many people in IT (especially the newer
1 2 3 1. VMware is part technology and part sales and marketing genius. As a result of their marketing efforts many people in IT (especially the newer generations) believe that VMware invented virtualization.
More informationvsphere Host Profiles
ESXi 5.1 vcenter Server 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationUila Management and Analytics System Installation and Administration Guide
USER GUIDE Uila Management and Analytics System Installation and Administration Guide October 2015 Version 1.8 Company Information Uila, Inc. 2905 Stender Way, Suite 76E Santa Clara, CA 95054 USER GUIDE
More informationJuniper Networks Management Pack Documentation
Juniper Networks Management Pack Documentation Juniper Networks Data Center Switching Management Pack for VMware vrealize Operations (vrops) Release 2.5 Modified: 2015-10-12 Juniper Networks, Inc. 1133
More informationHow to Connect to Cloud4com virtual datacenter
How to Connect to Cloud4com virtual datacenter Enterprise IaaS Cloud Provider Cloud4com, a. s. U Uranie 18/954 170 00 Praha 7 Czech Republic Tel.: +420 734 649 949 http://www.cloud4com.com e-mail: support@cloud4com.com
More informationRSA Security Analytics
RSA Security Analytics Event Source Log Configuration Guide VMware NSX Last Modified: Friday, March 13, 2015 Event Source Product Information: Vendor: VMware Event Source: VMware NSX Version: 6.1.2 RSA
More informationDrobo How-To Guide. Topics. Back Up to Drobo File Sharing Storage Using StorageCraft ShadowProtect
Drobo storage is an excellent backup-to-disk destination when used with StorageCraft ShadowProtect, allowing you to protect critical assets on your Windows servers, workstations, and notebooks. ShadowProtect
More informationInstalling and Configuring vcenter Multi-Hypervisor Manager
Installing and Configuring vcenter Multi-Hypervisor Manager vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.1 This document supports the version of each product listed and supports all subsequent
More informationVblock Systems hybrid-cloud with Cisco Intercloud Fabric
www.vce.com Vblock Systems hybrid-cloud with Cisco Intercloud Fabric Version 1.0 April 2015 THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." VCE MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND
More informationPaperClip. em4 Cloud Client. Manual Setup Guide
PaperClip em4 Cloud Client Manual Setup Guide Copyright Information Copyright 2014, PaperClip Inc. - The PaperClip32 product name and PaperClip Logo are registered trademarks of PaperClip Inc. All brand
More informationBLACK BOX. Quick Start Guide. Virtual Central Management System (VCMS) Works with LES Series Console Servers. LES-VCMS. Customer Support Information
LES-VCMS Virtual Central Management System (VCMS) Quick Start Guide Works with LES Series Console Servers. BLACK BOX Customer Support Information Order toll-free in the U.S.: Call 877-877-BBOX (outside
More informationAbout the VM-Series Firewall
About the VM-Series Firewall Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 http://www.paloaltonetworks.com/contact/contact/
More informationUsing the vcenter Orchestrator Plug-In for vsphere Auto Deploy 1.0
Using the vcenter Orchestrator Plug-In for vsphere Auto Deploy 1.0 vcenter Orchestrator 4.2 This document supports the version of each product listed and supports all subsequent versions until the document
More informationSecure Agent Quick Start for Windows
Secure Agent Quick Start for Windows 1993-2015 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise)
More informationHow to Configure an Initial Installation of the VMware ESXi Hypervisor
How to Configure an Initial Installation of the VMware ESXi Hypervisor I am not responsible for your actions or their outcomes, in any way, while reading and/or implementing this tutorial. I will not provide
More informationSolicitation Addendum
Solicitation Number: 100049 Solicitation Description: Solicitation Opening Date and Time: Addendum Number: 01 Addendum Date: May 23, 2016 Purchasing Agent: NORTH CAROLINA DEPARTMENT OF INFORMATION TECHNOLOGY
More informationVMware vcloud Automation Center 6.1
VMware vcloud Automation Center 6.1 Reference Architecture T E C H N I C A L W H I T E P A P E R Table of Contents Overview... 4 What s New... 4 Initial Deployment Recommendations... 4 General Recommendations...
More informationComprehensive Monitoring of VMware vsphere ESX & ESXi Environments
Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments Table of Contents Overview...3 Monitoring VMware vsphere ESX & ESXi Virtual Environment...4 Monitoring using Hypervisor Integration...5
More informationManagement Pack for vrealize Infrastructure Navigator
Management Pack for vrealize Infrastructure Navigator This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To
More informationWA2192 Introduction to Big Data and NoSQL. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1
WA2192 Introduction to Big Data and NoSQL Classroom Setup Guide Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1 Table of Contents Part 1 - Minimum Hardware Requirements...3 Part 2 - Minimum Software
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationVMware vrealize Automation
VMware vrealize Automation Reference Architecture Version 6.0 and Higher T E C H N I C A L W H I T E P A P E R Table of Contents Overview... 4 What s New... 4 Initial Deployment Recommendations... 4 General
More informationQuick Start Guide. for Installing vnios Software on. VMware Platforms
Quick Start Guide for Installing vnios Software on VMware Platforms Copyright Statements 2010, Infoblox Inc. All rights reserved. The contents of this document may not be copied or duplicated in any form,
More informationVMsources Group Inc. www.vmsources.com 1-866-644-7764
VMware Horizon View 6 Virtual Desktop Deployment COURSE DESCRIPTION Our VMware View class offers participants the most extensive training available in the Installation, Configuration and Management of
More informationVormetric Addendum to VMware Product Applicability Guide
Vormetric Data Security Platform Applicability Guide F O R P A Y M E N T C A R D I N D U S T R Y ( P C I ) P A R T N E R A D D E N D U M Vormetric Addendum to VMware Product Applicability Guide FOR PAYMENT
More informationQuick Start - Virtual Private Cloud in Germany and Australia
Quick Start - Virtual Private Cloud in Germany and Australia vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationData Center Connector for vsphere 3.0.0
Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationTELSTRA CLOUD SERVICES CLOUD INFRASTRUCTURE PRICING GUIDE AUSTRALIA
TELSTRA CLOUD SERVICES CLOUD INFRASTRUCTURE PRICING GUIDE AUSTRALIA WELCOME TO TELSTRA CLOUD SERVICES Our cloud infrastructure solutions are made up of a combination of scalable cloud resources, including
More informationHow to install/upgrade the LANDesk virtual Cloud service appliance (CSA)
How to install/upgrade the LANDesk virtual Cloud service appliance (CSA) The upgrade process for the virtual Cloud Services Appliance is a side- by- side install. This document will walk you through backing
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to ServiceNow
Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents
More informationNovaBACKUP: VMware Plug-In
NovaBACKUP: VMware Plug-In Nathan Fouarge / NovaStor / April 2012 2012 NovaStor, all rights reserved. All trademarks are the property of their respective owners. Features and specifications are subject
More informationREDEFINE SIMPLICITY TOP REASONS: EMC VSPEX BLUE FOR VIRTUALIZED ENVIRONMENTS
REDEFINE SIMPLICITY AGILE. SCALABLE. TRUSTED. TOP REASONS: EMC VSPEX BLUE FOR VIRTUALIZED ENVIRONMENTS Redefine Simplicity: Agile, Scalable and Trusted. Mid-market and Enterprise customers as well as Managed
More informationVMware vcenter Configuration Manager and VMware vcenter Application Discovery Manager Integration Guide
VMware vcenter Configuration Manager and VMware vcenter Application Discovery Manager Integration Guide vcenter Configuration Manager 5.6 vcenter Application Discovery Manager 6.2 This document supports
More informationSATELLITE Impact Analysis
SATELLITE Impact Analysis USER GUIDE May 2014 TABLE OF CONTENTS Introduction... 2 How does it Work... 3 Filtering the Landscape... 5 Important Notice This document is subject to the following conditions
More informationTELSTRA CLOUD SERVICES CLOUD INFRASTRUCTURE PRICING GUIDE SINGAPORE
TELSTRA CLOUD SERVICES CLOUD INFRASTRUCTURE PRICING GUIDE SINGAPORE WELCOME TO TELSTRA CLOUD SERVICES Our cloud infrastructure solutions are made up of a combination of scalable cloud resources, including
More informationGetting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013
Getting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013 Table of Contents Introduction.... 3 1.1 VMware vsphere.... 3 1.2 OpenStack.... 3 1.3 Using OpenStack
More informationUsing the vcenter Orchestrator Plug-In for Microsoft Active Directory
Using the vcenter Orchestrator Plug-In for Microsoft Active Directory vcenter Orchestrator 4.1 This document supports the version of each product listed and supports all subsequent versions until the document
More informationEMC SYNCPLICITY FILE SYNC AND SHARE SOLUTION
EMC SYNCPLICITY FILE SYNC AND SHARE SOLUTION Automated file synchronization Flexible, cloud-based administration Secure, on-premises storage EMC Solutions January 2015 Copyright 2014 EMC Corporation. All
More informationBacking Up the CTERA Portal Using Veeam Backup & Replication. CTERA Portal Datacenter Edition. May 2014 Version 4.0
Backing Up the CTERA Portal Using Veeam Backup & Replication CTERA Portal Datacenter Edition May 2014 Version 4.0 Copyright 2009-2014 CTERA Networks Ltd. All rights reserved. No part of this document may
More informationInstall Guide for JunosV Wireless LAN Controller
The next-generation Juniper Networks JunosV Wireless LAN Controller is a virtual controller using a cloud-based architecture with physical access points. The current functionality of a physical controller
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationXTIVIA, Inc. Vicinity for Salesforce Installation Guide
XTIVIA, Inc. Vicinity for Salesforce Installation Guide Vicinity for Salesforce Our Mission XTIVIA, Inc. offers expertise in CRM applications, business process optimization, and Sales Consulting services
More informationSymantec Backup Exec Management Plug-in for VMware User's Guide
Symantec Backup Exec Management Plug-in for VMware User's Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
More informationMobile Print/Scan Guide for Brother iprint&scan (Android )
Mobile Print/Scan Guide for Brother iprint&scan (Android ) Before You Use Your Brother Machine Definitions of Notes We use the following symbol and convention throughout this User's Guide: Tips icons indicate
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationStarWind iscsi SAN Software: Using StarWind with VMware ESX Server
StarWind iscsi SAN Software: Using StarWind with VMware ESX Server www.starwindsoftware.com Copyright 2008-2010. All rights reserved. COPYRIGHT Copyright 2008-2010. All rights reserved. No part of this
More informationVMware vcloud Automation Center 6.0
VMware 6.0 Reference Architecture TECHNICAL WHITE PAPER Table of Contents Overview... 4 Initial Deployment Recommendations... 4 General Recommendations... 4... 4 Load Balancer Considerations... 4 Database
More informationVMware vcenter Log Insight Developer's Guide
VMware vcenter Log Insight Developer's Guide vcenter Log Insight 2.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationRemote PC Guide Series - Volume 2b
Document Version: 2013-09-06 R720 This guide provides hardware model-specific guidance in server configuration, with BIOS and RAID configuration instructions for the Dell R720. This guide is part of a
More informationvsphere Replication for Disaster Recovery to Cloud
vsphere Replication for Disaster Recovery to Cloud vsphere Replication 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationIntegration and Automation with Lenovo XClarity Administrator
Integration and Automation with Lenovo XClarity Administrator Extend Management Processes to Existing Ecosystems Lenovo Enterprise Business Group April 2015 2015 Lenovo. All rights reserved. Introduction
More informationVMware vcenter Log Insight Administration Guide
VMware vcenter Log Insight Administration Guide vcenter Log Insight 1.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationVMware vcloud Air - Disaster Recovery User's Guide
VMware vcloud Air - Disaster Recovery User's Guide vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition.
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to Dropbox
Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox VMware Identity Manager SEPTEMBER 2015 V1 Configuring Single Sign-On from VMware Identity Manager to Dropbox Table of Contents
More informationHow to Avoid the Hidden Costs That Derail Cloud Projects. White paper
How to Avoid the Hidden Costs White paper DECEMBER 2012 Table of Contents The Challenge: Making Your Private Cloud Fit Your IT Infrastructure Puzzle.... 3 Cloud-Management Extensibility... 4 Mitigating
More informationSetting up VMware ESXi for 2X VirtualDesktopServer Manual
Setting up VMware ESXi for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples
More informationVirtual Appliance Setup Guide
Virtual Appliance Setup Guide 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective
More informationCyber Security: Software Security and Hard Drive Encryption
Links in this document have been set for a desktop computer with the resolution set to 1920 x 1080 pixels. Cyber Security: Software Security and Hard Drive Encryption 301-1497, Rev A September 2012 Copyright
More informationUsing TLS Encryption with Microsoft Outlook 2007
Using TLS Encryption with Microsoft Outlook 2007 This guide is meant to be used with Microsoft Outlook 2007. While the instructions are similar, the menu layouts and options have changed since the previous
More informationvcenter Operations Management Pack for SAP HANA Installation and Configuration Guide
vcenter Operations Management Pack for SAP HANA Installation and Configuration Guide This document supports the version of each product listed and supports all subsequent versions until a new edition replaces
More informationDatacenter Management and Virtualization. Microsoft Corporation
Datacenter Management and Virtualization Microsoft Corporation June 2010 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
More informationDrobo How-To Guide Drobo Apps - Configuring ElephantDrive
The Drobo 5N provides simple and affordable network attached storage for the connected home or small office. ElephantDrive is a cloud-based service that provides real-time protection of all, or a subset
More informationVirtualization and cloud computing monitoring
Virtualization and cloud computing monitoring Virtualization and cloud computing monitoring OpenOffice/PDF Version 1º Edition, 14 February 2011 Artica Soluciones Tecnológicas 2005 2011 1 MONITORING AMAZON
More informationVMware vrealize Automation
VMware vrealize Automation Reference Architecture Version 6.0 or Later T E C H N I C A L W H I T E P A P E R J U N E 2 0 1 5 V E R S I O N 1. 5 Table of Contents Overview... 4 What s New... 4 Initial Deployment
More informationSUREedge Software Appliance (vmware) Installation Guide
SUREedge Software Appliance (vmware) Installation Guide Thank you for choosing SUREedge This guide describes the procedure to obtain and install SUREedge software appliance on a vmware server. The steps
More informationDrobo How-To Guide. Deploy Drobo iscsi Storage with VMware vsphere Virtualization
The Drobo family of iscsi storage arrays allows organizations to effectively leverage the capabilities of a VMware infrastructure, including vmotion, Storage vmotion, Distributed Resource Scheduling (DRS),
More informationVirtual Dashboard for VMware and Hyper-V
Virtual Dashboard for VMware and Hyper-V USER MANUAL Steelgate Technologies, February 2015, all rights reserved. All trademarks are the property of their respective owners. Features and specifications
More informationvsphere Replication for Disaster Recovery to Cloud
vsphere Replication for Disaster Recovery to Cloud vsphere Replication 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationManaging Multi-Hypervisor Environments with vcenter Server
Managing Multi-Hypervisor Environments with vcenter Server vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.0 This document supports the version of each product listed and supports all subsequent
More informationVMware vcenter Configuration Manager SQL Migration Helper Tool User's Guide vcenter Configuration Manager 5.6
VMware vcenter Configuration Manager SQL Migration Helper Tool User's Guide vcenter Configuration Manager 5.6 This document supports the version of each product listed and supports all subsequent versions
More informationFXLoader Cloud Service Deployment Guide
Version: FXLoader Cloud Service Deployment Guide www.fxloader.com Copyright 2002-2015 FXLoader - Care I.T. Services Ltd. All Rights Reserved Version: Contents INTRODUCTION DEPLOYMENT GUIDE Overview Audience
More informationVMware vcloud Air HIPAA Matrix
goes to great lengths to ensure the security and availability of vcloud Air services. In this effort VMware has completed an independent third party examination of vcloud Air against applicable regulatory
More informationProduct Guide Addendum. SafeWord Check Point User Management Console Version 2.1
Product Guide Addendum SafeWord Check Point User Management Console Version 2.1 Copyright 2005 Secure Computing Corporation. All rights reserved. No part of this publication may be reproduced, transmitted,
More informationGet Success in Passing Your Certification Exam at first attempt!
Get Success in Passing Your Certification Exam at first attempt! Exam : VCAW510 Title : VMware Certified Associate - Workforce Mobility (VCA-WM) Version : V8.02 1.How are fully provisioned desktops created
More informationBusiness Process Desktop: Acronis backup & Recovery 11.5 Deployment Guide
WHITE Deployment PAPERGuide Business Process Desktop: Acronis backup & Recovery 11.5 Deployment Guide An Acronis White Paper Copyright Acronis, Inc., 2000 2011 Deployment Guide Table of contents About
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationCopyright 2013 wolfssl Inc. All rights reserved. 2
- - Copyright 2013 wolfssl Inc. All rights reserved. 2 Copyright 2013 wolfssl Inc. All rights reserved. 2 Copyright 2013 wolfssl Inc. All rights reserved. 3 Copyright 2013 wolfssl Inc. All rights reserved.
More informationMTP. MTP AirWatch Integration Guide. Release 1.0
MTP MTP AirWatch Integration Guide Release 1.0 FireEye and the FireEye logo are registered trademarks of FireEye, Inc. in the United States and other countries. All other trademarks are the property of
More informationDeploying Dell OpenManage Server Administrator on VMware ESXi Using Dell Online Depot and VMware Update Manager
Deploying Dell OpenManage Server Administrator on VMware ESXi Using Dell Online Depot and VMware Update Manager July 2013 Deepti Madhu Krishnaprasad K Deploying Dell OpenManage Server Administrator on
More informationMobile App User's Guide
Mobile App User's Guide Copyright Statement Copyright Acronis International GmbH, 2002-2012. All rights reserved. "Acronis", "Acronis Compute with Confidence", "Acronis Recovery Manager", "Acronis Secure
More informationVMware Cloud Management Marketplace
VMware Cloud Management Marketplace How to upload your management solution to the VMware Cloud Management Marketplace There are a total of 25 steps below based on an existing solution in the Cloud Management
More informationCloud Attached Storage
Performing a Bare-Metal Restore Cloud Attached Storage January 2014 Version 4.0 Copyright 2009-2014 CTERA Networks Ltd. All rights reserved. No part of this document may be reproduced in any form or by
More informationDrobo How-To Guide. Cloud Storage Using Amazon Storage Gateway with Drobo iscsi SAN
The Amazon Web Services (AWS) Storage Gateway uses an on-premises virtual appliance to replicate a portion of your local Drobo iscsi SAN (Drobo B1200i, left below, and Drobo B800i, right below) to cloudbased
More informationNovaBACKUP Virtual Dashboard
NovaBACKUP Virtual Dashboard User Manual NovaStor / April 2015 2015 NovaStor, all rights reserved. All trademarks are the property of their respective owners. Features and specifications are subject to
More informationSQL Express to SQL Server Database Migration MonitorIT v10.5
SQL Express to SQL Server Database Migration MonitorIT v10.5 (v10.5) March 2013 www.goliathtechnologies.com Legal Notices MonitorIT v10.5 Installation Guide Inc. All rights reserved. www.goliathtechnologies.com
More informationAdvanced Service Design
vcloud Automation Center 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationEnterprise Manager. Version 6.2. Installation Guide
Enterprise Manager Version 6.2 Installation Guide Enterprise Manager 6.2 Installation Guide Document Number 680-028-014 Revision Date Description A August 2012 Initial release to support version 6.2.1
More informationVMware Auto Deploy GUI. VMware Auto Deploy Gui 5.0 Practical guide
VMware Auto Deploy Gui 5.0 Practical guide Introduction The scope of this document is to demonstrate how to configure and use the Auto Deploy GUI to manage stateless ESXi environments. 2012 VMware, Inc.
More informationPersonal Secure Email Certificate
Entrust Certificate Services Personal Secure Email Certificate Enrollment Guide Software version: 10.5 Date of Issue: May 2012 Document issue: 1.0 Copyright 2010-2012 Entrust. All rights reserved. Entrust
More information