User Documentation
  • Product Information
    • Overview
    • Architecture
    • Security
    • Key Features
    • Supported Systems
    • Comparison
  • Installation
    • Download VirtualMetric
    • Install a VirtualMetric Server
    • Activate Product
    • Update From Previous Versions
    • Uninstall VirtualMetric
  • Releases
    • Version 8.0.3
  • Server Pre-Configuration
    • Windows
    • VMware
    • Linux
    • Bare Metal Hardware
  • Settings
    • Users
      • User Operations
        • Add New User
        • Edit User
        • Device Permissions
        • Login as Other User
        • Remove User
      • User Group Operations
        • Add New User Group
        • Assign Member
        • Device Permission
        • Edit User Group
        • Remove User Group
      • API Users Operations
        • Add New API User
        • Edit API User
        • Device Permission
        • Remove API User
      • Organization Operations
        • Add New Organization
        • Edit Organization
        • Device Permission
        • Login as Other Organization
        • Remove Organization
      • Credential Store
        • Add New Credential Store
        • Edit Credential Store
        • Remove Credential Store
      • Group Based AD Authentication
    • Devices
      • Server Operations
        • Add New Server
        • Assign Module
        • Edit Server
        • Remove Server
        • Restore Server
        • Connectivity Issues
        • Bulk Update
      • Cluster Operations
        • Add New Cluster
        • Assign Module
        • Sync a Cluster
        • Edit Cluster
        • Remove Cluster
        • Connectivity Issues
        • Bulk Update
      • Workstation Operations
        • Add New Workstation
        • Edit Workstation
        • Remove Workstation
      • Manager Operations
        • Add New Manager
        • Assign Module
        • Sync Manager
        • Edit Manager
        • Remove Manager
        • Connectivity Issues
        • Bulk Update
      • Network Devices Operations
        • Add Network Device
        • Edit Network Device
        • Remove Network Device
        • Connectivity Issues
        • Bulk Update
      • Trigger Operations
        • Add New Trigger
        • Assign Server
        • Edit Trigger
        • Change API User
        • Change Service User
        • Remove Trigger
        • Enable Debug
      • Device Group Operations
        • Add New Device Group
        • Assign Member
        • Edit Device Group
        • Remove Device Group
      • Datacenter Operations
        • Add New Datacenter
        • Assign Member
        • Edit Datacenter
        • Remove Datacenter
      • Permission Operations
        • Add/Remove Permission
    • Listeners
      • Listener Operations
        • Add a New Listener
          • Add a Syslog Listener
          • Add a Flow Endpoints
          • Add a eStreamer
          • Add a TFTP Listener
          • Add a TCP Listener
          • Add a UDP Listener
          • Add a HTTP Listener
          • Add a SMTP Listener
          • Add a SNMP Trap Listener
          • Add a Redis Consumer
          • Add a Kafka Consumer
          • Add a RabbitMQ Consumer
          • Add a NATS Consumer
        • Edit Listener
        • Remove Listener
    • Services
      • Location Operations
        • Add new Location
        • Edit Location
        • Remove Location
      • Web Sites Operations
        • Add new Website
        • Assign Location
        • Edit Web Sites
        • Remove Web Sites
      • DNS Operations
        • Add new DNS
        • Edit DNS
        • Remove DNS
      • ICMP Operations
        • Add new ICMP
        • Edit ICMP
        • Remove ICMP
      • IPAM Operations
        • Add new IPAM
        • Edit IPAM
        • Remove IPAM
      • TCP Operations
        • Add new TCP
        • Edit TCP
        • Remove TCP
      • Database Operations
        • Add new Database
        • Edit Database
        • Remove Database
    • Notifications
      • Rules Operations
        • Add new Rules
        • Edit Rule
        • Adding Dependency
        • Filtering Rules
        • Assign Action
        • Remove Rule
      • Knowledge Base Operations
        • Add new Knowledge Base
        • Edit Knowledge Base
        • Remove Knowledge Base
      • Action Operations
        • Add new Action
        • Testing Action
        • Edit Action
        • Remove Action
      • Scheduled Report Operation
        • Edit Scheduled Report
        • Remove Scheduled Report
      • STMP Settings
      • SMS Settings
    • Collectors
      • Definitions Operations
      • Module Defaults Operations
      • Device Bindings Operations
    • Logs
      • Definitions Operations
        • Understand Definition Fields
        • Edit Definition
        • Bulk Update
        • Reset Definition
      • Custom Definition Operations
        • Add Custom Definition
        • Edit Custom Definition
        • Remove Custom Definition
      • Module Defaults
        • Assign Definition
        • Reset Module Defaults
      • Device Bindings
        • Assign Definition
        • Reset Device Bindings
    • Statistics
      • Logging Types
        • Understanding Logging Types
        • Edit Logging Type
        • Reset Logging Type
      • System Counters
        • Understanding System Counter
        • Edit System Counter
        • Reset System Counter
      • Custom Counters
        • Understanding Custom Counter
        • Edit Custom Counter
        • Reset Custom Counter
    • Systems
      • System Logs
      • System Health
      • Advanced Settings
    • Azure Active Directory Integration
  • Dashboard
    • Main Page
    • Login
    • Layout and Common Functions
    • Calculation of Recommendations
    • Add New Widget
    • Edit Widget
    • Charts
    • White Labeling
  • Devices
    • Layout and Common Functions
  • Analytics
    • Layout and Common Functions
  • Modules and Audit
    • VirtualMetric Modules
      • Bare Metal
      • Microsoft Hyper-V
      • VMware
      • Microsoft IIS
      • Microsoft SQL
      • Microsoft Storage Spaces
      • Active Directory User Permissions
    • Audit Configuration
Powered by GitBook
On this page
  • Authentication
  • Encryption
  • Connection Protocols
  • Required Firewall Ports
  1. Product Information

Security

VirtualMetric uses Microsoft IIS Server as its Web server, so VirtualMetric Dashboard and the VirtualMetric API can always be made up-to-date and secure via Microsoft Update. VirtualMetric also uses Microsoft SQL Server as its database server where it stores user, inventory, and monitoring data. As a result, you can use Microsoft authentication and encryption methods to make Microsoft SQL Server secure as well.

We put a lot of effort to make VirtualMetric suitable for enterprises and meet the requirements of their network and security policies. For example, VirtualMetric does not require an agent to connect to servers. This is a great advantage for enterprises because VirtualMetric does not touch any system files, does not require any registry changes, and does not load any DLLs or drivers to the monitored servers. This can help keep security scans simple as there are no system changes on your servers. Similarly, VirtualMetric connects to Windows, VMware, and Linux servers remotely to collect monitoring and inventory data, so we focus on making this remote connection as secure as possible.

Further details of these can be found in the relevant sections.


Authentication

VirtualMetric allows you to use two different authentication methods to connect to servers: Basic and Active Directory.

  • If you set up VirtualMetric on an Active Directory member server, you can start VirtualMetric Collector with a privileged account on Active Directory. By doing so, you can avoid the need to type any usernames/passwords to connect to servers in the same Active Directory.

  • If you want to use Basic Authentication to connect servers, VirtualMetric uses the Advanced Encryption Standard or AES with a 128-bit key to encrypt your passwords. This is one of the most secure encryption methods used in most modern encryption technologies, and is considered to be logically unbreakable.

Password in Database?
Password Security

Active Directory Authentication

No

No

Basic Authentication

Yes

AES 128-bit

We suggest you to prefer Active Directory Authentication if it's possible to use on your environment.

When you create a user to connect to VirtualMetric API or the Dashboard, we also encrypt your user passwords with MD5 hashing. VirtualMetric Databases only contain MD5 hashes of your passwords. When a user tries to log in to VirtualMetric, we only send an MD5 hash over the network.


Encryption

Communication between VirtualMetric and the monitored servers is encrypted at the protocol layer. When VirtualMetric connects to your servers, it uses the SSL protocol to protect your sensitive data from prying eyes.

Platform
Secure Authentication
Encrypted Data Transfer
SSL Supported?

Windows

✓

✓

✓

VMware

✓

✓

✓

Linux

✓

✓

✓


Connection Protocols

If you use Active Directory authentication for your Windows Servers, VirtualMetric uses PowerShell Remoting to connect to them. PowerShell Remoting is a solution to some of the security and consistency issues that IT professionals currently have to work around. It is built on Microsoft's implementation of the Web Services for Management (WSMan) protocol, and it uses the Windows Remote Management (WinRM) service to manage communication and authentication. This framework was designed to be a secure and reliable method for managing computers, and it is built on well-known standards like Simple Object Access Protocol (SOAP) and Hypertext Transfer Protocol (HTTP). The communication between VirtualMetric and the monitored server is encrypted at the protocol layer except when basic access authentication is used, which is intended for Hypertext Transfer Protocol Secure (HTTPS) sessions. Since we use WinRM, you can always configure WinRM security, change the encryption type, and set an SSL certificate to make communication even more secure.

For VMware Servers, VirtualMetric uses VMware vSphere Web Services to connect to the hosts. By default, VirtualMetric uses the SSL protocol to connect to VMware hosts, but you can always change this communication protocol as well.

For Linux Servers, VirtualMetric uses SSH to connect to the servers. You can use basic authentication or key-based authentication. VirtualMetric supports RSA and DSA private keys. You can also use pass phrase for your keys.

Platform
Connection Protocol
Firewall Friendly?
Supported Protocols

Windows

WS-Man

✓

HTTP / HTTPS

VMware

SOAP

✓

HTTP / HTTPS

Linux

SSH / SCP

✓

SSH / SCP


Required Firewall Ports

VirtualMetric was designed to become a firewall-friendly monitoring solution. Many monitoring solutions on the market require RPC/DCOM/SNMP protocols to monitor servers. Because of their protocols, they usually require complex firewall configurations due to their dynamic port settings. VirtualMetric only uses the HTTP/HTTPS protocols to connect to Windows and VMWare servers. For Linux servers, VirtualMetric uses the Secure Shell (SSH) protocol, so you can easily configure the access via the firewall.

Client Access to VirtualMetric Dashboard

Source
Destination
Protocol
Ports
Action

Client

VirtualMetric Dashboard

TCP

80/443

ALLOW

Client

VirtualMetric API

TCP

8080

ALLOW

Server Monitoring

Source
Destination
Protocol
Ports
Action

VirtualMetric Trigger

VirtualMetric API

TCP

8080

ALLOW

VirtualMetric Trigger

Windows Server

TCP

5985/5986

ALLOW

VirtualMetric Trigger

VMware Server

TCP

80/443

ALLOW

VirtualMetric Trigger

Linux Server

TCP

22

ALLOW

VirtualMetric Trigger

Network Device

UDP

161

ALLOW

Windows / VMware / Linux Server

VirtualMetric API

TCP

8080

ALLOW

sFlow Endpoint

VirtualMetric Trigger

UDP

6343

ALLOW

NetFlow Endpoint

VirtualMetric Trigger

UDP

2055

ALLOW

IPFIX Endpoint

VirtualMetric Trigger

UDP

4739

ALLOW

PreviousArchitectureNextKey Features

Last updated 6 months ago