VMware Capacity Planner Security
White Paper
VMware VMware Capacity Planner Security
Contents
Introduction
Software Installed at the Customer Site
Local Network Configuration for Capacity Planner
Data Collection at the Customer Site
Transmitting Data to the Information Warehouse
Data Handling in the Information Warehouse
Appendix A: Inventory and Performance Information Capacity Planner Collects from Windows Hosts
Appendix B: Inventory and Performance Information Capacity Planner Collects from UNIX and Linux Hosts
Appendix C: Information Warehouse Datacenter Security
    Policies and Procedures
    Personnel Control
    Disaster Recovery and Business Continuity
    Physical Security
        Datacenter Construction
        Access Control
        Security Entrance System
        Access Logging
        Closed Circuit Television System
    Network Infrastructure
    Remote Access and VPN
    Firewall and Intrusion Detection and Prevention
Introduction
VMware® Capacity Planner is a business and IT capacity planning tool that provides an integrated set of analysis, planning, and decision support functions to enable faster, measurable, and more accurate infrastructure assessment services.
Delivered as a hosted application service, Capacity Planner enables the consultants working with you — consultants from the VMware Professional Services Organization or from certified VMware partners — to provide comprehensive virtualization and system-consolidation assessments. These assessments help you make smart decisions when virtualizing and consolidating datacenter infrastructure, redeploying strategic IT assets, and optimizing workload capacity utilization.
VMware Capacity Planner is agentless — you do not need to install agent software on the computers that Capacity Planner analyzes. Running from a computer on your local network, Capacity Planner rapidly collects infrastructure data, which is initially stored on your local network, then transmitted securely to the Information Warehouse. Capacity Planner provides you an improved view of your IT environment, delivering critical insights into resource utilization that you can use to drive intelligent infrastructure capacity decisions. And drawing on the growing set of industry reference data in the Information Warehouse, Capacity Planner provides unparalleled comparative analysis and benchmarking to help guide system consolidation and capacity optimization decisions for your enterprise.
VMware understands the sensitivity of detailed data about your IT infrastructure and has designed Capacity Planner to maintain the security of that sensitive data at all times. Capacity Planner is also designed to collect the needed data without compromising the security of your IT environment.
This white paper provides descriptions of the data Capacity Planner collects and of the security measures that protect that data as it is stored, transmitted, and analyzed.
Software Installed at the Customer Site
The consultant managing your Capacity Planner engagement installs the Capacity Planner Data Collector and its graphical user interface, the Capacity Planner Data Manager, on a computer at your site. Each Collector system can monitor approximately 500 systems in the network. Your consultant installs multiple Collector systems if needed.
The Capacity Planner Data Collector is installed on its own, separate computer connected to the same network as the target systems that Capacity Planner analyzes.
Your consultant can configure Capacity Planner to download any available updates for the Collector and the Data Manager automatically over a secure HTTPS connection.
No agents are installed on any of the target systems. Capacity Planner can analyze target systems running Windows, Linux, or UNIX operating systems. For Windows target systems, Capacity Planner identifies the systems and collects data using standard Microsoft interfaces. For UNIX and Linux systems, Capacity Planner uses simple scripts to collect inventory and performance data using Secure Shell (SSH) connections.
The software at the customer site uses the following basic security methods:
- Local administrator accounts are required on all Windows target systems.
- On Linux and UNIX target systems, root access is required to perform full collection. However, all key metrics required for running consolidation scenarios can be collected using sudo commands.
- Accounts are stored and encrypted on the Collector server.
- Capacity Planner uses RC4 password encryption with a private key.
- Passwords are not shown in clear text in the Manager.
Local Network Configuration for Capacity Planner
The system running the Capacity Planner Data Collector must be able to connect to all the Windows systems it is to analyze using the protocols and ports outlined in Table 1. These ports are general-purpose ports that Windows uses for most of its communications for file and printer sharing and authentication. They include 135, 137 to 139, and 445. The Collector uses these ports to pass credentials to the target systems and to collect data from the target systems.
If the target systems include servers behind firewalls and the needed ports must remain closed, your consultant can install an additional Collector inside the firewall.
Table 1: Microsoft Windows NetBIOS port usage
Port | Protocol | Service | Description | Windows services that use this port
135 | TCP/UDP | Loc-srv/epmap | Microsoft DCE Locator service, also known as end-point mapper. | DHCP Server, DNS Server, WINS Server
137 | TCP/UDP | NetBIOS-ns | NetBIOS name service. Firewall administrators frequently see large numbers of incoming packets to port 137. This traffic is caused by Windows servers that use NetBIOS (as well as DNS) to resolve IP addresses to names using the gethostbyaddr() function. As users behind the firewalls surf Windows-based Web sites, those servers frequently respond with NetBIOS lookups. | WINS Server, DNS Server
138 | TCP/UDP | NetBIOS-dgm | NetBIOS datagram. Used by Windows and by UNIX services such as Samba. It is used primarily by the SMB browser service that collects the information shown in Network Neighborhood on a Windows system. |
139 | TCP/UDP | NetBIOS-ssn | NetBIOS session. Windows file and printer sharing. |
445 | TCP/UDP | DNS | DNS Direct Hosting port. The Windows 2000 and Windows XP redirector and server components support direct hosting for communicating with other computers running Windows 2000 and Windows XP. Direct hosting does not use NetBIOS for name resolution. DNS is used for name resolution, and the Microsoft networking communication is sent directly over TCP without a NetBIOS header. Direct hosting over TCP/IP uses TCP and UDP port 445 instead of the NetBIOS session TCP port 139. |
On UNIX and Linux target systems, the Collector requires access to port 22 for its Secure Shell (SSH) connection.
On Windows target systems, the Collector uses Windows Management Instrumentation (WMI), the Registry, and Perfmon to collect inventory and performance data. To collect this information, it must connect to the target systems using an account that has at least local administrative rights on the target system. In many environments, the Collector uses a domain administrator account with rights on all or most of the target systems, the most convenient approach if the site's security policies permit it.
The Collector can use multiple accounts to collect data from domains that do not trust each other.
On UNIX and Linux systems, the Collector runs standard system utilities through an SSH connection, so every UNIX and Linux target system must have the SSH server daemon running and configured properly for a successful connection. Root permissions are required for each UNIX or Linux system. Not having root permissions can result in incomplete data collection while executing the scripts remotely because only accounts with root privileges can run some of the utilities that the collector uses.
All user accounts used in Capacity Planner are stored in a database that is in the Collector installation directory. The passwords are encrypted using 128-bit AES encryption. Passwords are not shown in clear text in the Data Manager interface.
The Collector host also needs Internet access so it can send collected data to the Information Warehouse using HTTPS.
Data Collection at the Customer Site
The Capacity Planner Data Collector systematically discovers domains and potential target systems in those domains, then inventories the target systems to provide data needed to assess capacity and utilization in your IT environment.
The discovery process uses a combination of:
- LanMan browser requests
- LDAP requests for Active Directory
- DNS queries for legacy
- IP scanning
The discover task identifies:
- Domains
- Systems
- Workgroups
- Active Directory nodes
The fact that the Collector discovers a system or node in your network does not mean that inventory or performance data must be collected from that system or node. Likewise, a node that is inventoried might not have performance data collected from it. The number of discovered nodes is often greater than the number of nodes that are inventoried or the number of nodes on which performance data is collected.
Your consultant can exclude domains from any further processing. In this case, to proceed with inventory or performance data collection from the nodes in an excluded domain, the domain must be re-enabled for that subsequent processing. This setting is used because often a company does not want to inventory or collect performance data on all of the domains in its network. Your consultant can also add domains and systems to the Collector database manually.
The Collector discovers domains using the WNet API (mpr.dll). The WNet API uses the NetBIOS interface implemented by the Microsoft LAN Manager API to enumerate domains and other properties that are useful in Capacity Planner analyses. This API uses ports 135–139. If a WINS server is available, it uses that server. Otherwise, the request is broadcast and the first browser service that responds provides the information.
The Collector discovers potential target systems using netapi32.dll. This API uses the NetBIOS interface implemented by the Microsoft LAN Manager API to enumerate servers of a certain class of system such as workstation, server, SQL Server host, cluster, or IIS host. This API uses ports 135–139. If a WINS server is available, it uses that server. Otherwise, the request is broadcast and the first browser service that responds provides the information.
For Windows target systems, inventory is accomplished using WMI, Registry, and Perfmon API calls. The first thing that happens during inventory collection is mapping an IPC$ resource to the remote system. This is done for authentication and for response time calculations.
After the IPC$ resource is mapped to the remote target system, Collector uses the appropriate inventory method for the target system’s operating system to collect the information needed. The inventory methods include:
WMI — Windows 2000 and Windows XP system data is usually collected using WMI. WMI calls are carried over the standard NetBIOS or Direct Connection communications layers. These communications layers require ports 135 through 139 or 445 to be open.
Remote Registry and Perfmon — Windows NT 4.0 data is collected primarily with Remote Registry calls and Perfmon calls (for memory). These communications layers require ports 135 through 139 to be open.
For UNIX and Linux systems the Collector runs a simple script that runs the uname utility to get the host name and other basic system information.
The inventory collects information on such configuration details as CPU, memory, disk drives, network adapters, software, and services on the target system. (For detailed lists, see Appendix A and Appendix B.) Capacity Planner stores the inventory information on the system that hosts the Data Collector.
Performance information is collected using one of two methods — one method for Windows target systems and the other for Linux and UNIX target systems. The performance collection methods are:
Perfmon — Capacity Planner collects performance data from Windows target systems using the Perfmon API, requiring the establishment of an authenticated connection to any target system from which data is to be collected.
SSH — Capacity Planner collects data from Linux and UNIX target systems using SSH and secure copy (SCP). Two options are available: Your consultant can set the scripts to run on the Collector host system, communicating with the UNIX or Linux target systems over an SSH connection. Or your consultant, working over an SSH connection, can install the scripts on each UNIX or Linux target system. If the scripts run directly on the target systems, they send data to the Collector using SCP.
Capacity Planner stores the performance information on the system that hosts the Data Collector. (For details of performance information that Capacity Planner can collect, see the Capacity Planner Data Collection Guide.) Use your standard file system services to protect the files stored on that local system.
Transmitting Data to the Information Warehouse
After collecting inventory and performance data, Capacity Planner makes the data anonymous, then transmits the data over a secure connection to the Information Warehouse where the Data Analyzer aggregates it.
The inventory consists of data on CPU, RAM, hard drive, network interfaces, chassis, software, and services. Capacity Planner sends information on manufacturer, model, version, and status. The performance information includes counter names and statistics related to those counters. You can see the full list of counters using the performance module options in Data Manager.
The Collector sends the collected data to the VMware datacenter in CSV files via an HTTPS connection using SSL encryption. The CSV files sent from the Collector to the datacenter do not contain usernames, passwords, IP addresses, or share information. The CSV files do contain domain names and server names.
In addition to the standard security offered with data anonymity, your consultant can optionally mask server and domain names before the data is transmitted. If you use this additional masking, Capacity Planner replaces names with a pseudonym to further protect your privacy.
After the first set of data is transmitted to the Information Warehouse — usually a manual process after the first round of data collection — Capacity Planner normally synchronizes data automatically every hour. If appropriate, your consultant can set a custom synchronization interval or configure the Collector to use manual synchronization.
The data that Capacity Planner sends to the Information Warehouse includes hardware and software inventory information and performance data. Identifying information such as IP addresses and share names is not sent to the Information Warehouse by default. If appropriate, your consultant can adjust the configuration of the Data Manager to send system-identifiable information such as IP addresses, shares, and serial numbers.
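As an added illustration of the masking step described above (this is example code, not Capacity Planner's own; the CSV column names, the HMAC-based pseudonym scheme and the key handling are assumptions), the following Python sketch replaces server and domain names with keyed pseudonyms that stay stable across syncs, omits the system-identifiable columns unless they are explicitly enabled, keeps the re-identification map on the Collector host, and checks an export for identifier columns before it is sent:

```python
import csv
import hashlib
import hmac
import io

# Constructed sample of a Collector inventory CSV (not a real Capacity Planner
# file; the column names and values are assumptions made for this example).
SAMPLE_INVENTORY_CSV = """hostname,domain,ip_address,share_name,serial_number,cpu_model,ram_mb
FileServer01,CORP,10.0.0.15,finance,SN-0001,Xeon E5-2680,65536
dbserver01,CORP,10.0.0.22,,SN-0002,Xeon E5-2680,131072
fileserver01,CORP,10.0.0.15,hr,SN-0001,Xeon E5-2680,65536
"""

# Columns that are replaced with pseudonyms when name masking is enabled
# (column name -> pseudonym prefix).
NAME_FIELDS = {"hostname": "host", "domain": "dom"}

# System-identifiable columns that are not sent by default and are only
# included when the consultant explicitly enables them.
IDENTIFIER_FIELDS = ("ip_address", "share_name", "serial_number")


def pseudonym(value, key, prefix):
    """Keyed, deterministic pseudonym for a name.

    HMAC-SHA256 with a key that never leaves the Collector host means the same
    name maps to the same pseudonym on every hourly sync (so the warehouse can
    still aggregate per system), while nobody without the key can recompute
    the mapping from the exported data. Windows names are case-insensitive,
    so the value is normalised to lower case first.
    """
    normalised = value.strip().lower().encode("utf-8")
    digest = hmac.new(key, normalised, hashlib.sha256).hexdigest()
    return f"{prefix}-{digest[:12]}"


def prepare_export(csv_text, key, mask_names=True, send_identifiers=False):
    """Return (export_csv_text, pseudonym_to_original) ready for transmission."""
    reader = csv.DictReader(io.StringIO(csv_text))
    fieldnames = [
        f for f in reader.fieldnames
        if send_identifiers or f not in IDENTIFIER_FIELDS
    ]
    mapping = {}  # stays local; lets the consultant map results back to hosts
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=fieldnames, lineterminator="\n")
    writer.writeheader()
    for row in reader:
        exported = {f: row[f] for f in fieldnames}
        if mask_names:
            for field, prefix in NAME_FIELDS.items():
                original = exported.get(field)
                if original:
                    alias = pseudonym(original, key, prefix)
                    mapping.setdefault(alias, original)
                    exported[field] = alias
        writer.writerow(exported)
    return out.getvalue(), mapping


def parse_rows(csv_text):
    """Parse CSV text back into a list of dicts (used to inspect an export)."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def leaked_identifiers(csv_text):
    """Pre-sync check: which system-identifiable columns are still present?"""
    reader = csv.DictReader(io.StringIO(csv_text))
    return [f for f in (reader.fieldnames or []) if f in IDENTIFIER_FIELDS]


if __name__ == "__main__":
    # In practice the key is a random secret generated once per engagement
    # and stored only on the Collector host; this value is constructed.
    key = b"constructed-example-key"
    export, mapping = prepare_export(SAMPLE_INVENTORY_CSV, key)
    print(export)
    print("identifier columns still present:", leaked_identifiers(export))
    print("local re-identification map:", mapping)
```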
On request, VMware can provide example files that show what kinds of data Capacity Planner collects and what data is transmitted to the Information Warehouse.
Data Handling in the Information Warehouse
All client data sent to the Information Warehouse is stored in a secure environment. Firewalls and intrusion prevention systems in the VMware datacenter protect all customer data stored in the Information Warehouse from unauthorized access. See Appendix C for details of the security measures in effect at VMware datacenters to protect data in the Information Warehouse.
Each customer’s data is stored under a unique identifier known as a corporate code. A unique account and password must be created to access the data. The accounts are created only for authorized users specified by the customer. VMware support and sales teams also have access to the data if they are engaged with the customer or project and the customer or customer’s representative has granted them access. All access to a company's data is audited. Your administrator can review the audit records at any time.
Capacity Planner uses anonymous inventory and performance data from all customers to provide valuable analysis to all users of the product. Capacity Planner removes all unique information such as system names from the data used for this analysis. Capacity Planner uses inventory data to describe configuration and uses performance data to compare your environment’s performance to industry averages. None of the data used in the research features can be traced back to a specific customer.
Data is retained and available until it is archived after one year.
The data collected during the current year is kept at the weekly level. After one year, data is archived and no longer available online. Archives are retained for five years and contain only raw files. The archived files contain all the company’s data.
Communications between the Information Warehouse and the Dashboard use an HTTPS connection.
In the event of a data security breach with critical consequences, VMware will publish a Dashboard News item and notify the appropriate parties.
Appendix A: Inventory and Performance Information Capacity Planner Collects from Windows Hosts
The tables in this appendix summarize the key types of information Capacity Planner collects from Windows hosts. VMware will provide an example inventory file upon request.
Table 2: Server information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Host name | Yes | Yes | Yes | Yes
Domain name | Yes | Yes | Yes | Yes
Domain type | Yes | Yes | Yes | Yes
System partition | Yes | Yes | Yes | No
Boot directory | Yes | Yes | Yes | No
Path environment setting | Yes | No | Yes | No
Legal notice caption | Yes | No | Yes | No
Legal notice text | Yes | No | Yes | No
Auto logon setting | Yes | No | Yes | No
Shutdown with logon setting | Yes | No | Yes | No
Server type | Yes | Yes | Yes | Yes
Server serial number | Yes | Yes | Yes | Yes
Table 3: Operating system information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Operating system manufacturer | Yes | Yes | Yes | Yes
Operating system version / release / service pack | Yes | Yes | Yes | Yes
Table 4: Motherboard and chassis information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Chassis manufacturer | Yes | Yes | Yes | Yes
Chassis model | Yes | Yes | Yes | Yes
Chassis BIOS make | Yes | No | Yes | Yes
BIOS version | Yes | Yes | Yes | No
BIOS date | Yes | Yes | Yes | No
Chassis maximum installable RAM | Yes | Yes | Yes | Yes
Chassis number of RAM slots | Yes | Yes | Yes | Yes
Chassis RAM type | Yes | Yes | Yes | Yes
Chassis maximum installable CPUs | Yes | Yes | Yes | Yes
Chassis CPU type | Yes | Yes | Yes | Yes
Chassis number of PCI slots | Yes | Yes | Yes | Yes
Table 5: CPU information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
CPU description | Yes | Yes | Yes | Yes
CPU manufacturer | Yes | Yes | Yes | Yes
CPU model | Yes | Yes | Yes | Yes
CPU current speed | No | Yes | Yes | Yes
CPU maximum rated speed | Yes | Yes | Yes | Yes
CPU front side bus speed | No | Yes | Yes | Yes
CPU cache size | Yes | Yes | Yes | Yes
CPU slot number | Yes | Yes | Yes | Yes
CPU feature set | No | Yes | Yes | No
Table 6: RAM information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
RAM manufacturer | No | Yes | Yes | Yes
RAM model | No | Yes | Yes | Yes
RAM size | Yes | Yes | Yes | Yes
RAM speed | No | Yes | Yes | Yes
RAM type | No | Yes | Yes | Yes
RAM form factor | No | Yes | Yes | Yes
RAM data width | No | Yes | Yes | Yes
RAM total width | No | Yes | Yes | Yes
RAM slot number | No | Yes | Yes | Yes
RAM serial number | No | Yes | Yes | No
Table 7: Drive adapter information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Drive adapter manufacturer | Yes | Yes | Yes | Yes
Drive adapter model | Yes | Yes | Yes | Yes
Drive adapter speed | No | No | Yes | Yes
Drive adapter type | Yes | Yes | Yes | Yes
Table 8: Drive information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Drive manufacturer | Yes | Yes | Yes | Yes
Drive model | Yes | Yes | Yes | Yes
Drive type | Yes | Yes | Yes | Yes
Drive space | No | Yes | Yes | Yes
Drive adapter attached | Yes | Yes | Yes | No
SCSI adapter attached | Yes | Yes | Yes | Yes
Drive unit number | Yes | Yes | Yes | No
Table 9: Network adapter information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Network adapter manufacturer | Yes | Yes | Yes | Yes
Network adapter model | Yes | Yes | Yes | Yes
Network adapter speed | Yes | Yes | Yes | Yes
Network adapter type | Yes | Yes | Yes | Yes
Network adapter MAC address | Yes | Yes | Yes | Yes
Network adapter IP address | Yes | No | Yes | No
Network adapter address type (dynamic, static) | Yes | No | Yes | Yes
Network adapter cable type | Yes | Yes | Yes | Yes
Table 10: Application information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Application manufacturer | Yes | Yes | Yes | Yes
Application name | Yes | Yes | Yes | Yes
Application display version | Yes | Yes | Yes | Yes
Application major version | Yes | Yes | Yes | Yes
Application minor version | Yes | Yes | Yes | Yes
Application patch level | Yes | Yes | Yes | Yes
Application build number | Yes | Yes | Yes | Yes
Application registered company | Yes | No | Yes | Yes
Application registered owner | Yes | No | Yes | Yes
Application product ID | Yes | Yes | Yes | Yes
Application installation date | Yes | Yes | Yes | Yes
Application installation location | Yes | Yes | Yes | Yes
Application installation source | Yes | Yes | Yes | Yes
Application estimated size | Yes | No | Yes | No
Table 11: Services information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Service name | Yes | Yes | Yes | Yes
Service display name | Yes | Yes | Yes | Yes
Service description | Yes | Yes | Yes | Yes
Service startup type | Yes | Yes | Yes | Yes
Service status | Yes | Yes | Yes | Yes
Table 12: Shares information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Share net name | Yes | Yes | Yes | No
Share type | Yes | Yes | Yes | No
Share remark | Yes | Yes | Yes | No
Share permissions | Yes | Yes | Yes | No
Share maximum users | Yes | Yes | Yes | No
Share path | Yes | Yes | Yes | No
Share current users | Yes | No | Yes | No
Table 13: Logical volume information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Logical volume path | Yes | No | Yes | Yes
Logical volume file system | Yes | Yes | Yes | Yes
Logical volume size | Yes | Yes | Yes | Yes
Logical volume free space | Yes | Yes | Yes | Yes
Logical volume drive type | Yes | Yes | Yes | No
Logical volume media type | No | Yes | Yes | No
Logical volume compressed status | Yes | Yes | Yes | No
Table 14: Printer information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Printer manufacturer | Yes | No | Yes | Yes
Printer model | Yes | Yes | Yes | Yes
Printer queue path | Yes | Yes | Yes | No
Printer port | Yes | Yes | Yes | No
Printer type (local or remote) | Yes | Yes | Yes | Yes
Table 15: PnP device information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
PnP name | Yes | Yes | Yes | Yes
PnP type | Yes | Yes | Yes | Yes
PnP path | Yes | Yes | Yes | Yes
Table 16: Video card information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Video card manufacturer | Yes | Yes | Yes | Yes
Video card model | Yes | Yes | Yes | Yes
Video card memory | Yes | Yes | Yes | Yes
Video card maximum resolution | No | Yes | Yes | No
Video card current resolution | Yes | Yes | Yes | No
Video card maximum color depth | No | Yes | Yes | No
Video card current color depth | Yes | Yes | Yes | No
Video card support for 3-D | Yes | Yes | Yes | Yes
Video card monitors supported | No | Yes | Yes | No
Video card monitors attached | Yes | Yes | Yes | Yes
Table 17: Page file information
Setting | Registry | WMI | Viewable in the Data Manager | Viewable in the Capacity Planner Dashboard
Page file initial size | Yes | Yes | Yes | No
Page file current size | No | Yes | Yes | No
Page file maximum size | Yes | Yes | Yes | No
Page file location | Yes | Yes | Yes | No
Table 18: VMware View performance counters
Perfmon Class | Perfmon Metric | Perfmon Instance
Process | Private bytes | *
Process | Working set | *
Process | Elapsed time | *
Process | % processor time | *
Process | % user time | *
Process | Elapsed time | *
Server | Logon total | N/A
Table 19: Performance counters used for Consolidation
Perfmon Class | Perfmon Metric | Perfmon Instance
System | Processor queue length | N/A
Processor | % processor time | *
Memory | Pages/sec | N/A
Memory | Available bytes | N/A
Memory | Cache bytes | N/A
Paging file | % usage | _Total
Physical disk | Disk bytes/sec | *
Physical disk | Disk transfers/sec | *
Server | Bytes total/sec | N/A
Appendix B: Inventory and Performance Information Capacity Planner Collects from UNIX and Linux Hosts
The tables in this appendix summarize the tools Capacity Planner uses to collect information from UNIX and Linux hosts and the key types of information it collects. VMware will provide an example inventory file upon request.
Table 20: Tools that collect inventory information
Information Type | Operating System | Utilities and Files
System | HP-UX | getconf, cstm, uname, /stand/bootconf, /etc/resolv.conf
System | Solaris | uname, /etc/resolv.conf, isainfo
System | Linux, VMware ESX | uname, /etc/resolv.conf
System | AIX | uname, /etc/environment
Application | HP-UX PA-RISC | swlist
Application | Linux, VMware ESX | rpm
Application | Solaris | pkginfo
Application | AIX | lslpp
Chassis | HP-UX | getconf, ioscan
Chassis | Linux, VMware ESX | dmesg, dmidecode
Chassis | Solaris | prtdiag, psrinfo, prtpicl
Chassis | AIX | uname, lsattr
CPU | HP-UX | machinfo, cstm, ioscan, adb, getconf, model
CPU | Linux | /proc/cpuinfo, dmidecode
CPU | VMware ESX | /proc/vmware/sched/ncpus, /proc/cpuinfo, dmidecode
CPU | Solaris | psrinfo, prtpicl, prtdiag, isainfo
CPU | AIX | lsdev, lsattr
Memory | HP-UX | getconf, cstm
Memory | Linux, VMware ESX | /proc/meminfo, dmidecode
Memory | Solaris | prtconf
Memory | AIX | lsdev, lsattr
Disk | Linux, VMware ESX | /proc/scsi, /proc/ide, /proc/driver/cciss, fdisk, hdparm, dmesg, /proc/partitions
Disk | HP-UX | ioscan, diskinfo
Disk | Solaris | df, prtvtoc, basename, iostat
Disk | AIX | lsdev, lscfg, lsparent, lsattr, bootinfo
Drive adapters | Linux, VMware ESX | /proc/scsi, /proc/ide, /proc/driver/cciss
Drive adapters | HP-UX | ioscan
Drive adapters | Solaris | prtdiag, prtpicl
Drive adapters | AIX | lsparent
Network | HP-UX | lanadmin, lanscan, netstat
Network | Linux, VMware ESX | ifconfig, dmesg, ethtool, mii-tool, lsdev, /proc/interrupts, lspci
Network | Solaris | ifconfig, kstat, ndd, dmesg
Network | AIX | ifconfig, entstat
File systems | HP-UX | bdf, /etc/mnttab
File systems | Linux, VMware ESX | df, /etc/mtab
File systems | Solaris | df, /etc/mnttab
File systems | AIX | df, /etc/filesystems
Exports | All | showmount
Daemons | All | /etc/inetd.conf
Daemons | Linux | /etc/rc.d/rc[runlevel].d
Table 21: Tools that collect performance information
Information Type | Operating System | Utilities and Files
System | All | vmstat, ps, users, uptime
Memory | HP-UX PA-RISC, Solaris | vmstat
Memory | Linux, VMware ESX | vmstat, /proc/stat
Memory | AIX | vmstat, pagesize
Processor | All | vmstat
Logical disk | HP-UX | bdf
Logical disk | Solaris, Linux, VMware ESX, AIX | df
Page file | HP-UX | swapinfo
Page file | Linux, VMware ESX | /proc/swaps
Page file | Solaris | swap
Page file | AIX | lsps
Physical disk | Linux, VMware ESX | /proc/partitions, vmstat, /proc/diskstats
Physical disk | HP-UX | iostat, vmstat
Physical disk | Solaris, AIX | iostat
Network interface | Linux, VMware ESX | /proc/net/dev
Network interface | HP-UX | netstat, lanscan
Network interface | Solaris | netstat, kstat
Network interface | AIX | netstat, ifconfig
Process | All | ps
Table 22: APP object properties (describes installed applications on the system)
Property Name | Value | Description
DAPP_Description | Product description | Describes what the product does.
DAPP_DisplayVersion | Version string | Full product version string.
DAPP_MajorVersion | Major version number | Major product version number, which is usually the first number of the version string.
DAPP_MinorVersion | Minor version number | Minor product version number, which is usually the second number of the version string.
DAPP_Name | Product string name | Product display name.
DAPP_PatchLevel | Patch level or maintenance number | Patch level or maintenance number for the product, which is usually the remainder of the version string.
DAPP_Producer | Company string | Name of the manufacturer that developed or packaged the application.
DAPP_Type | App | The table that stores application information. Also used for operating system information.
ISA_EstimatedSize | Bytes number | Size in bytes of the installed application. Usually the size at installation.
ISA_Identity | Identity string | Used to uniquely identify the application.
ISA_InstallLoc | Path string | Location of the installed application.
ISA_ProductID | | Can be the serial number of the application or a tag used by some UNIX software installers.
Table 23: CONTROL object properties (tells the import engine about the information that follows)
Property Name | Value | Description
DATE | Date Time | Date the file was generated.
FILETYPE | Inv, Perf | A tag the engine reads to control processing, so that the inventory module only processes inventory, and so on.
HOSTNAME | Hostname string | Used to visually identify the system.
ISRV_Type | 2048, 32768 | Number that tells VMware what kind of system is being managed.
NISDOMAIN | NIS domain string | NIS domain of the system.
RUNBY | | User information for the user who ran the script to generate the output. Useful for debugging. On UNIX, use the id command.
TIMESTAMP | Date-Timestamp | Time stamp showing when the file was generated.
UNAME | Uname-a | Full uname (UNIX) output for the system.
UNIQID | Unique ID string | A unique ID that identifies the system. If provided, it is used to identify the system instead of the host name. If you do not provide a unique ID, you might overwrite an existing host name. If you have no unique ID, use an FQDN host name.
VERSION | 100 | Import file format version.
Table 24: CPU object properties (describes the processors installed in the system)
Property Name | Value | Description
DCPU_Desc | CPU description string | Full description of the installed CPU.
DCPU_Family | CPU family number | Family number of the CPU. The Intel Pentium through Pentium III are 6. The Pentium IV is 15.
DCPU_Flags | CPU flags string | On Linux systems, the serial number in text form.
DCPU_Make | Manufacturer string | Manufacturer name of the CPU.
DCPU_Model | CPU model string | The combined string of all the model numbers that describe the processor.
DCPU_ModelNum | CPU model number | Model number of the CPU.
DCPU_PrimCacheData | Primary data cache size number | Size in KB of the primary data cache.
DCPU_PrimCacheInst | Primary instruction cache size number | Size in KB of the primary instruction cache.
DCPU_RatedSpeed | CPU rated speed number | Designed maximum processor speed.
DCPU_SecCacheSize | Secondary cache size number | Size in KB of the secondary cache.
DCPU_Stepping | CPU stepping number | Represents any small change in CPU manufacturing.
ISC_CurrCPUSpeed | Current CPU speed number | Current speed of the processor.
ISC_Identity | CPU identity string | Unique number that identifies the CPU installed on the system.
ISC_SerialNumber | Serial number string | A serialized string of functionality. In Windows, this number describes the feature set of the CPU.
ISC_SlotNumber | CPU slot number | Slot number that holds the CPU.
Table 25: DAEMON object properties (describes the defined init.d, rc.d, or Microsoft Windows services on the system)
Property Name | Value | Description
DSVC_Description | Description string | Description of the service or daemon.
DSVC_DisplayName | Name string | Display name of the service or daemon that is shown in the UI.
DSVC_Name | Name string | Actual name of the service or daemon that the system references. Usually unique, without spaces.
ISS_ExePath | Binary path string | Full path to the binary that the service or daemon calls.
ISS_Identity | Identity string | Unique string that identifies the service or daemon on the system.
ISS_IsActive | Active bit (0 or 1) | Indicator that the service or daemon is still running. Not always possible to determine on UNIX.
ISS_Status | Status string | Current status of the service or daemon. On Windows, a service can be in a predefined state: stopped, stopping, started, starting, or paused. On UNIX, the status is a string returned from a status call.
Table 26: DISKINFO object properties (describes the physical drives or RAID arrays installed in the system)
Property Name | Value | Description
DDR_Cache | Drive cache size number | Size of the drive buffer cache in KB.
DDR_IntType | SCSI, IDE, SATA | Drive adapter type string. Any string can be used, but for consistency, you should try to use one of the specified values.
DDR_Make | Drive make string | Manufacturer name of the drive.
DDR_Model | Drive model string | Model name of the drive.
DDR_Space | Drive size string | Size of the drive in GB as seen by the operating system.
DDR_TotalCyl | Drive total cylinder number | Total number of cylinders that the drive reports to the operating system.
DDR_TotalHeads | Drive total heads number | Total number of heads that the drive reports to the operating system.
DDR_TotalSectors | Drive total sectors number | Total number of sectors that the drive reports to the operating system.
ISDR_CurIntSpeed | Drive current interface speed number | Interface speed in MHz that was negotiated between the drive adapter and the drive. Normally the best speed of the slowest component, but the operating system can override it to a slower speed.
ISDR_Identity | Drive identity string | Unique number that identifies the installed drive.
ISDR_ISDA_Identity | Drive adapter identity string | Unique string of the attached drive adapter.
ISDR_Type | disk, cdrom |
Table 27: DRIVEADPT object properties (describes the drive adapters installed in the system)
Property Name | Value | Description
DDA_Make | Drive adapter | Manufacturer name of the drive adapter.
DDA_MaxSpeed | Maximum speed number | Maximum speed in MB/sec of the drive adapter interface.
DDA_Model | Model string | Model name of the drive adapter.
DDA_Type | SCSI, IDE, SATA | Drive adapter type string. Any string can be used, but for consistency, you should try to use one of the specified values.
ISDA_BusNumber | Bus number | Bus number where the drive adapter is positioned.
ISDA_Identity | Drive adapter identity string | Unique number that identifies the drive adapter installed on the system.
Table 28: Exports object properties (describes the exported or shared directories on the system)
Property Name | Value | Description
ISSH_Identity | Identity string | Unique string that identifies an exported directory.
ISSH_NetName | NetName string | Share name that is published on the network. On UNIX, this is the same name as the shared directory.
ISSH_Path | Path string | Full path of the share.
ISSH_Type | NFS, WIN | Share type string.
ISSH_Permissions | Permissions string | Share permissions string. Shows the access restrictions on the share. A number on Windows.
Table 29: FILESYS object properties (describes the file systems currently defined on the system)
Property Name | Value | Description
ISFA_Type | RAM slot number | Format of the file system.
ISFS_Identity | Identity string | Identity string to uniquely identify the file system.
ISFS_Path | Path string | Mount point.
ISFS_Size | File system size number | Disk space in bytes on the file system.
ISFS_SpaceFree | File system available space number | Space in bytes available on the file system.
Table 30: Group object properties (describes the groups of which the system is a member)
Property Name | Value | Description
CG_Name | Group name string | Name of the domain or group that the system belongs to.
CGT_Name | Group type name string | Type of group. Has to be one of the valid group types.
Table 31: MOTHERBOARD object properties (describes the chassis and motherboard used in the system)
Property Name | Value | Description
DCH_CPUTypeList | CPU types string | Types of CPUs that this motherboard supports.
DCH_Make | Manufacturer string | Name of the manufacturer of the chassis or motherboard.
DCH_Model | Model string | Name of the motherboard or chassis model.
Table 32: NETWORK object properties (describes the physical and virtual network interfaces on the system)
Property Name | Value | Description
DNIC_Model | NIC model string | Model name of the network adapter.
DNIC_Type | Network medium string | Network medium in use.
ISN_CurSpeed | NIC current speed number | Bandwidth in bits per second.
ISN_Identity | Identity string | Identity string to uniquely identify the network adapter.
SN_IPAddrType | Static, dynamic | String indicating whether the IP address is static or dynamic.
ISN_IPAddress | IP address string | Comma-separated string of all of the IP addresses associated with the network adapter.
ISN_MACAddress | MAC address string | Media access control address for the network adapter.
Table 33: OS object properties (describes the operating system currently running on the target machine)
Property Name | Value | Description
DAPP_DisplayVersion | Version string | Full operating system version string.
DAPP_MajorVersion | Major version number | Major operating system version number, which is usually the first number of the version string.
DAPP_MinorVersion | Minor version number | Minor operating system version number, which is usually the second number of the version string.
DAPP_Name | Product name string | Display name of the operating system.
DAPP_PatchLevel | Patch level or maintenance number | Patch level or maintenance number for the operating system, which is usually the remainder of the version string.
DAPP_Producer | Company string | Name of the manufacturer that developed or packaged the operating system.
DAPP_Type | Operating system | Operating system information stored in the application information table.
ISA_Identity | Identity string | Uniquely identifies the operating system.
ISA_InstallLoc | Path string | File system path where the operating system is installed.
Table 34: PERF object properties (contains detailed performance data collected during a single collection run)
Property Name | Value | Description
PERD_CounterAvg | Sample average number | Average of all the samples taken during collection.
PERD_CounterInterval | Sample interval number | Interval in seconds between each sample.
PERD_CounterMax | Sample maximum number | Maximum value observed during collection.
PERD_CounterMin | Sample minimum number | Minimum value observed during collection.
PERD_CounterSamples | Sample count number | Number of samples taken during collection.
PERD_CounterTime | Timestamp number | When collection started.
PERS_Active | Active flag bit | Indicates that the summary counter is active. Inactive performance objects are either grayed out or hidden in the Data Manager.
PERS_ClassName | Class name string | Resembles a group name of similar performance data.
PERS_InstanceName | Instance name string | Represents distinct performance objects of the same class. If the class does not have instances, the instance name can be left blank or removed from the output.
PERS_MetricName | Metric name string | The actual system resource that the performance data represents.
PERS_Type | Type number | Indicates the type of object that generated this performance summary record: Perfmon=0, Registry=1, WMI=2, Script=3, SNMP=4.
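The UNIQID/HOSTNAME rule in Table 23 and the counter fields in Table 34 are where a malformed or colliding import silently corrupts the warehouse view of a host. The following Python is an added example, not VMware's code: it checks a CONTROL record and a PERF record against the values the tables define and reports identities that would overwrite one another. It assumes each object is an in-memory dict of property name to string value, since the white paper does not give the file's on-disk syntax.

```python
# Added example (not VMware's code): sanity checks for Capacity Planner-style
# import records, assuming each object is a dict of property name -> string
# value that mirrors the CONTROL (Table 23) and PERF (Table 34) tables.
import re

VALID_FILETYPES = {"Inv", "Perf"}             # FILETYPE tag read by the import engine
VALID_SYSTEM_TYPES = {"2048", "32768"}        # ISRV_Type; 2048 = UNIX, Linux, Xenix
VALID_PERS_TYPES = {"0", "1", "2", "3", "4"}  # Perfmon, Registry, WMI, Script, SNMP
EXPECTED_VERSION = "100"                      # import file format version
# Loose FQDN shape (at least two dot-separated labels); a constructed check.
FQDN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]+\.)+[a-z0-9-]+$", re.IGNORECASE)


def system_identity(control):
    """Return (identity, warnings): UNIQID if present, else HOSTNAME. A bare
    (non-FQDN) host name is flagged because it may overwrite another host."""
    warnings = []
    uniqid = control.get("UNIQID", "").strip()
    if uniqid:
        return uniqid, warnings
    host = control.get("HOSTNAME", "").strip()
    if not host:
        warnings.append("no UNIQID and no HOSTNAME: record cannot be attributed")
    elif not FQDN_RE.match(host):
        warnings.append(f"no UNIQID and HOSTNAME {host!r} is not an FQDN; "
                        "it may overwrite an existing host")
    return host, warnings


def validate_control(control):
    """Check the CONTROL fields that steer the import engine; returns (errors, warnings)."""
    errors = []
    if control.get("FILETYPE") not in VALID_FILETYPES:
        errors.append("FILETYPE must be Inv or Perf")
    if control.get("ISRV_Type") not in VALID_SYSTEM_TYPES:
        errors.append("ISRV_Type must be 2048 or 32768")
    if control.get("VERSION") != EXPECTED_VERSION:
        errors.append("VERSION must be 100")
    return errors, system_identity(control)[1]


def validate_perf(perf):
    """Check one PERF summary record for a known source type and consistent counters."""
    errors = []
    if perf.get("PERS_Type") not in VALID_PERS_TYPES:
        errors.append("PERS_Type must be 0..4")
    try:
        lo, avg, hi = (float(perf[k]) for k in
                       ("PERD_CounterMin", "PERD_CounterAvg", "PERD_CounterMax"))
        samples, interval = int(perf["PERD_CounterSamples"]), int(perf["PERD_CounterInterval"])
    except (KeyError, ValueError) as exc:
        return errors + [f"missing or non-numeric counter field: {exc}"]
    if not lo <= avg <= hi:
        errors.append("counter min/avg/max are inconsistent")
    if samples < 1 or interval <= 0:
        errors.append("PERD_CounterSamples must be >= 1 and PERD_CounterInterval > 0")
    return errors


def find_identity_collisions(controls):
    """Map each resolved identity to its HOSTNAMEs; more than one host name under
    one identity means a later import would silently replace an earlier host."""
    hosts = {}
    for control in controls:
        identity, _ = system_identity(control)
        hosts.setdefault(identity, set()).add(control.get("HOSTNAME", ""))
    return {k: sorted(v) for k, v in hosts.items() if len(v) > 1}
```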
Table 35: RAM object properties (describes the physical memory installed in the system or the virtual memory allocated to a virtual system)
Property Name | Value | Description
DRAM_Size | RAM size | Size in MB of the RAM module.
ISR_Identity | Identity string | Types of CPUs this motherboard supports.
ISR_SlotNumber | RAM slot number | Slot number that holds the RAM module.
Table 36: SYSTEM object properties (describes how the system is configured)
Property Name | Value | Description
ISRV_ActiveName | Host name string | Microsoft Windows supports having a different active (NETBIOS) name than the IP host name.
ISRV_ComputerName | Host name string | Microsoft Windows supports having a different computer NETBIOS name than the IP host name.
ISRV_CurrentLocale | Current locale number | Locale that was negotiated while collection occurred.
ISRV_DateTime | Date time string | Date that the file was generated.
ISRV_DisplayName | Host name string | Alternate display name for the system.
ISRV_HostName | Host name string | Used to visually identify the system. Derived from the actual host name.
ISRV_InstallLocale | Install locale number | Locale that was chosen during installation. Applies more to Windows than UNIX. US English is 1033.
ISRV_Path | Path string | Complete PATH string for the operating system, which uses it to search for application names when they are executed.
ISRV_Type | 2048, 32768 | The kind of system being managed. The number for UNIX, Linux, and Xenix is 2048.
Appendix C: Information Warehouse Datacenter Security
VMware maintains multiple levels of datacenter security to protect the data in the Capacity Planner Information Warehouse. This appendix summarizes those datacenter security measures.
Policies and Procedures
The CIO and IT management are directly responsible for network, system, and overall information security.
VMware staff dedicated to information security includes IT management and a security engineer. They are responsible for:
Security awareness
Policy enforcement
Risk evaluation
Risk mitigation
Regulatory compliance
Policies and procedures covering the following areas are in effect:
HR practices
Authorized or acceptable use of networked services
Use of corporate email, intranet, and Internet
Password management
Software and hardware acquisition
Change management
Encryption policy and standards
Security related incident response and handling
Data handling policy (including data use, data storage, and destruction of sensitive data)
Third-party access and remote access
Personnel Control
All datacenter employees undergo a careful background check that includes the following:
Verification of prior employment
Criminal records search for current county and state of residence
Status to work in the United States through compliance with the Immigration and Naturalization Service I-9 process
Datacenter employees in security sensitive positions undergo additional screening that includes criminal conviction screening through an authorized background-reporting agency. The background screen covers a seven-year period and includes all locations in which the employee resided during that period. The background screen includes an additional screen referred to as a government list screen. The government list screen includes the following lists published by the US government:
Department of State: Arms Export Control Debarment List
Department of State: Proliferation List
Department of Commerce: Denied Parties List
Department of Commerce: Entities List
Department of Treasury: Specially Designated National List
Physical security and perimeter controls at the datacenter facilities housing the Information Warehouse data control who has access to the facilities. Those controls include the following:
Security cameras
Biometric hand scanners
Employee identification cards or badges
Visitor identification cards or badges
Monitoring and escorts for visitors passing through critical parts of the company
Disaster Recovery and Business Continuity
VMware has a disaster recovery and business continuity plan for the datacenter where the Information Warehouse data is stored. The backup and restore plans are tested quarterly using a paper walkthrough.
Recovery procedures are tested for efficacy. Manual backup and restore procedures are documented and practiced in case the automatic backup fails.
Estimated time to restore services is 72 hours in case of a major disaster.
Physical Security
The security and integrity of each datacenter where Information Warehouse data is stored is achieved and maintained by robust facility construction, comprehensive access controls, video surveillance monitoring, 24-hour personnel, and comprehensive policies and procedures.
Datacenter Construction
Critical exterior perimeter walls, doors and windows are constructed of materials that afford UL standard #752, level V ballistic protection.
Access Control
The datacenters use an automated access control system that supports a networked card reader and alarm system. The access control system uses proximity card readers to control access into perimeter doors, shipping and receiving areas, storerooms, and other critical areas. Biometric hand scanners are installed to control access into the most critical areas (network control center, telecommunications node room, and customer vaults). Additional access control measures include:
All datacenters have signs designating them controlled access areas
Mission-critical areas within each data center are designated as restricted
Access into each datacenter and restricted area is controlled by biometric hand scanners and is limited to authorized personnel
Employee card access badges — or contractor or visitor badges — are required to gain entry
All employees, customers, vendors, contractors and visitors must be sponsored by a preapproved sponsor in order to gain access
Security Entrance System
An automated security entrance system controls datacenter access. The system includes the following key features:
The weight system is designed to physically limit access to one person at a time, preventing tailgating
Anti–pass-back prohibits one person from handing off an access badge to someone waiting to enter
Entrances are monitored and recorded by CCTV 24/7 by the security control room
Entrances have integrated metal and explosive detection
Entrances have a two-way audio intercom to the security control room
Entrances have UL-rated ballistic protection
Entrances have intrusion and tampering alarms monitored by the security control room
Integrated card access and biometric access control systems limit access to persons who are verified by hand geometry
Entrance security systems have dedicated UPS and standby emergency power (generator)
Entrances have level V ballistic protection
Entrances are ADA compliant
Access Logging
All datacenters have computer-based enterprise-wide access control systems, used to track all visitors who have datacenter badges. This system logs the identity of each individual and the time that person entered the datacenter. It does not log who goes out, because current fire code prohibits “locking” individuals in datacenters.
Closed Circuit Television System
Datacenter security employs an extensive closed circuit television system to monitor the exterior and interior of each datacenter. Exterior cameras provide views of critical support equipment and perimeter doors. Interior cameras are positioned to monitor all datacenter aisles, requests for entry (and actual entry) into the datacenter, shipping and receiving areas, high-security vaults, and the datacenter lobby. All cameras are recorded on digital video recorders, 24/7.
Network Infrastructure
The following network infrastructure measures protect Information Warehouse data:
Up-to-date network infrastructure and administration procedures
Perimeter scanning and monitoring performed internally
All routers configured with access control lists to allow only specific traffic to pass through
Access to routers is allowed via their console ports only
All networking devices at the latest patch level
Procedure in place to keep track of announcement of vulnerability patches for networking devices
Default passwords changed on networking devices
Controls governing the change frequency and distribution of administrative access to network infrastructure
No wireless access to the network
Intrusion prevention and detection systems, including:
HIDS
NIDS
Rogue device and services detection
Remote Access and VPN
Remote access to and remote control of the network connected to the Information Warehouse is protected by all of the following:
RADIUS/TACACS
User ID and password
Token-based access control
SSL certificates
Supervisory and administrative functions are not allowed over unencrypted external links.
VMware collects and reviews audit log data on remote access to the network.
Firewall and Intrusion Detection and Prevention
The following measures are in place to detect and prevent intrusion:
Security team keeps track of all known vulnerabilities
Deployment of an intrusion detection system is in process
Incident response team in place
Firewall servers protect the network
Internet-facing systems are behind a firewall that protects against network-based denial of service attacks, blocks ports that are not required for external access, and protects against other network attacks
No other applications (such as DNS) run on the firewall server
Firewall configurations are reviewed every two months