Navigation

Security Overview

Overview

To ensure the security of your Ops Manager agents, Ops Manager servers, and MongoDB deployments, Ops Manager supports the security options described on this page.

Security Options Available in the Current Version of Ops Manager

The following table displays the security options available for the different types of connections in your Ops Manager environment and provides links to setup instructions.

  Connections with Ops Manager Connections with Backing Databases Connections with MongoDB Deployments
Ops Manager Not applicable. Connects through the Monitoring, Backup, and Automation agents. See the row for each agent in this table.
Monitoring Agent Not applicable.
Backup Agent Not applicable.
Automation Agent Not applicable.
Ops Manager user Not applicable. See Authentication in the MongoDB manual.

Supported User Authentication by Ops Manager Version

The following table shows the available user authentication mechanisms and the release the mechanism became available.

Method Ops Manager Versions
Authentication against Ops Manager Application Database 1.0+
Authentication against LDAP 1.4+

Supported MongoDB Security Features on Linux

This section describes supported security options on Linux.

Connections Between Ops Manager and the Backing Databases (Linux)

The following table shows security options for connections between Ops Manager and the Ops Manager Application Database and Backup Data Storage when both run on Linux.

  Username/Password Authentication MongoDB SSL Connections Kerberos Authentication MongoDB SSL Connections with Client Certificates x509 Authentication LDAP Authentication
Ops Manager Versions 1.0+ 1.6+ 1.3+ 1.6+ 1.6+ 1.5+

Connections Between Agents and MongoDB Deployments (Linux)

The following table shows the security options available for connections between agents and the MongoDB deployments they manage when the deployments run on Linux:

  Username/Password Authentication MongoDB SSL Connections Kerberos Authentication MongoDB SSL Connections with Client Certificates x509 Authentication LDAP Authentication
Monitoring Agent 1.0+ 1.0+ 1.3+ 1.5+ 1.8 1.5+
Backup Agent 1.4+ 1.4+ 1.4.1+ 1.5+ 1.8 1.5+
Automation Agent 1.6+ 1.8 1.8 1.8 1.8 1.8

Supported MongoDB Security Features on Windows

This section describes supported security options on Windows.

Connections Between Ops Manager and the Backing Databases (Windows)

The following table shows security options for connections between Ops Manager and the Ops Manager Application Database and Backup Data Storage when both run on Windows.

  Username/Password Authentication MongoDB SSL Connections Kerberos Authentication MongoDB SSL Connections with Client Certificates x509 Authentication LDAP Authentication
Ops Manager Versions 1.5+ 1.6+   1.6+ 1.6+ Not applicable.

Connections Between Agents and MongoDB Deployments (Windows)

The following table shows the security options available for connections between agents and the MongoDB deployments they manage when the deployments run on Windows:

  Username/Password Authentication MongoDB SSL Connections Kerberos Authentication MongoDB SSL Connections with Client Certificates x509 Authentication LDAP Authentication
Monitoring Agent 1.5+ 1.5+   1.5+ 1.8 Not applicable.
Backup Agent 1.5+ 1.5+   1.5+ 1.8 Not applicable.
Automation Agent 1.8 1.8   1.8 1.8 Not applicable.

Note

MongoDB for Windows does not support LDAP.