Use the Security Reference to learn about the security features of your Site Recovery Manager installation and the measures that you can take to safeguard your environment from attack.

The operation of Site Recovery Manager depends on several services that run on the Site Recovery Manager Server host machine.

Site Recovery Manager uses network ports, which you can configure, to communicate with clients and other servers. You must ensure that firewalls do not block the ports that Site Recovery Manager uses.

Some Site Recovery Manager configuration files contain settings that might affect the security of your environment. Improper settings can also impact the proper functioning of your Site Recovery Manager environment.

Site Recovery Manager uses TLS certificates and private keys to protect network communication and securely establish authentication with other servers.

The Site Recovery Manager license and EULA files are located on the Site Recovery Manager Server host machine.

Site Recovery Manager records operational information into the log files. The logs files do not contain sensitive information such as private keys and passwords.

Site Recovery Manager uses Single Sign-On (SSO) certificates to access the Site Recovery Manager Server.

You can apply Site Recovery Manager security updates and patches as they are made available by VMware. You can apply security updates and patches of the host operating system as they are made available by the vendors of the host operating system.

Best practices for securing Site Recovery Manager Server can protect your environment from possible security problems.