- Security >
- Security Overview
Security Overview¶
Overview¶
Ops Manager provides security options to ensure the security of your Ops Manager agents, Ops Manager servers, and MongoDB deployments. Ops Manager supports the options described in the tables on this page.
Security Options¶
| Connections with Ops Manager | Connections with Ops Manager Backing Instances | Connections with MongoDB Deployments | |
|---|---|---|---|
| Ops Manager | not applicable | Ops Manager connects to MongoDB through the Monitoring, Backup, and Automation agents. | |
| Monitoring Agent | not applicable | ||
| Backup Agent | not applicable | ||
| Automation Agent | not applicable | ||
| Ops Manager user | not applicable | For user access to MongoDB, see Authentication in the MongoDB manual. |
Supported User Authentication Per Release¶
The following table shows the available user authentication mechanisms and the release the mechanism became available.
| Method | Available beginning with… |
|---|---|
| Authentication against Ops Manager Application database | OnPrem 1.0 |
| Authentication against LDAP | OnPrem 1.4 |
Supported MongoDB Security Features on Linux¶
This section describes supported security options on Linux.
Connections Between Ops Manager Servers and Backing Replica Sets¶
The following table shows the authentication and SSL options available between Ops Manager and the Ops Manager Application Database and Backup Blockstore Database. These options do not apply to the HEAD databases that reside on the Backup Daemon:
| Username/Password Authentication | MongoDB SSL Connections | Kerberos Authentication | MongoDB SSL Connections with Client Certificates | x509 Authentication | LDAP Authentication |
|---|---|---|---|---|---|
| OnPrem 1.0+ | Ops Manager 1.6+ | OnPrem 1.3 | Ops Manager 1.6+ | Ops Manager 1.6+ | OnPrem 1.5+ |
Connections Between Agents and MongoDB Deployments¶
The following table shows the authentication and SSL options available between the Ops Manager agents and the MongoDB deployments they manage and back up:
| Username/Password Authentication | MongoDB SSL Connections | Kerberos Authentication | MongoDB SSL Connections with Client Certificates | x509 Authentication | LDAP Authentication | |
|---|---|---|---|---|---|---|
| Monitoring Agent | OnPrem 1.0 | OnPrem 1.0 | OnPrem 1.3 | OnPrem 1.5+ | OnPrem 1.5+ | |
| Backup Agent | OnPrem 1.4 | OnPrem 1.4 | OnPrem 1.4.1 | OnPrem 1.5+ | OnPrem 1.5+ | |
| Automation Agent | Ops Manager 1.6+ |
Supported MongoDB Security Features on Windows¶
This section describes supported security options on Windows.
Connections Between Ops Manager Servers and Backing Replica Sets¶
The following table shows the authentication and SSL options available between Ops Manager and the Ops Manager Application Database and Backup Blockstore Database. These options do not apply to the HEAD databases that reside on the Backup Daemon:
| Username/Password Authentication | MongoDB SSL Connections | Kerberos Authentication | MongoDB SSL Connections with Client Certificates | x509 Authentication | LDAP Authentication |
|---|---|---|---|---|---|
| OnPrem 1.5+ | Ops Manager 1.6+ | Ops Manager 1.6+ | Ops Manager 1.6+ | OnPrem 1.5+ |
Connections Between Agents and MongoDB Deployments¶
The following table shows the authentication and SSL options available between the Ops Manager agents and the MongoDB deployments they manage and back up:
| Username/Password Authentication | MongoDB SSL Connections | Kerberos Authentication | MongoDB SSL Connections with Client Certificates | x509 Authentication | LDAP Authentication | |
|---|---|---|---|---|---|---|
| Monitoring Agent | OnPrem 1.5+ | OnPrem 1.5+ | OnPrem 1.5+ | OnPrem 1.5+ | ||
| Backup Agent | OnPrem 1.5+ | OnPrem 1.5+ | OnPrem 1.5+ | OnPrem 1.5+ | ||
| Automation Agent | Ops Manager 1.6+ |