Web Console Security in Operations Manager

 

Updated: May 13, 2016

Applies To: System Center 2012 R2 Operations Manager, System Center 2012 - Operations Manager, System Center 2012 SP1 - Operations Manager

The web console server provides a browser-based alternative to the Monitoring pane of the Operations Manager Operations console. The web console server is commonly used when you want to access Operations Manager management group monitoring data in the following ways:

  • From the Internet

  • Without installing the Operations console

  • From a location with low-bandwidth connectivity

  • When notifications are configured to contain hyperlinks to the relevant alerts in the web console

When you install the web console, you must specify a web site for use with the web console. The default port for accessing the web console from a browser using Windows-based authentication is the same port as the web site that is selected when the web console was installed. If the web site chosen has been configured to use Secure Sockets Layer (SSL), then you must also select Enable SSL.

You must also select an authentication mode for use with the web console. Use mixed authentication for intranet scenarios and network authentication for extranet scenarios.

Note

The best practice for accessing the web console from the Internet is to use network authentication with SSL with the web console.

The web console uses two encryption algorithms:

  1. SHA256

  2. HMACSHA256

These algorithms may not be sufficient to meet compliance standards. For instance, they do not meet the Federal Information Processing Standard (FIPS). In order to meet a compliance standard, you need to map these names, in the appropriate configuration files, to appropriate encryption algorithms.

The next section uses FIPS compliant algorithms as an example.