VMware HCX Data Privacy
Details
Registration
- Activating HCX Manager Appliance using the license key
- This is the initial Device discovery for the HCX Service.
- HCX Manager will setup the communication channel with the central service with certificate exchange.
- HCX appliance UUID is used to uniquely identify an appliance. The certificate exchange done in this workflow sets up the communication channel for future interactions between HCX and the service.
- Upon the initial enablement of the HCX manager appliance, HCX Service will enable the feature bits on the Manager based on the License key.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
HCX Manager → C&C |
HCX Manager UUID Certificate License Key HCX Build Version |
Port 443 Protocol - HTTPS |
Mandatory |
Periodic Endpoint Sync
- Periodic sync of build information (HCX/NSX /VC/VCD), paired HCX appliance information
- Only version information of SDDC components is shared with the service. IP/Hostname etc, of SDDC components is not shared with the service.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
HCX Manager → C&C |
HCX Build versions |
Port 443 Protocol - HTTPS |
Mandatory |
Metrics
- Various metrics are sent to HCX service periodically to track system health and usage information.
- Phone Home Data - Anonymised feature consumption including aggregates about success and failure rates. HCX uploads this information to VMware Phone Home service and follows the company wide best practices.
- Metering metrics - HCX Usage aggregated metrics used to perform billing wherever applicable.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
HCX Manager → C&C |
Phone Home Data Metering Metrics |
Port 443 Protocol - HTTPS |
Mandatory |
Licensing
- This workflow controls the feature bits enabled on the HCX Manager
- Any new features launched in subsequent releases are kept up to date based on the license key.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
C&C → HCX Manager |
Feature bits |
Port 443 Protocol - HTTPS |
Mandatory |
Upgrades and Notifications
- Any Service Update/Notification meant for a HCX Manager is sent via this workflow.
- HCX services periodically publishes upgrade notifications.
- HCX service also sends notifications to customers running versions of HCX that are out of support.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
C&C → HCX Manager |
Upgrade bundle URL Notification messages |
Port 443 Protocol - HTTPS |
Mandatory |
Tech Support Bundle
- Troubleshooting logs/dumps to be shared for Analysis.
- During support calls, HCX customers can provide HCX Tech support bundles with minimal effort.
- A tech support bundle request can be initiated by HCX Service operator without customer involvement, the bundle is generated and uploaded to HCX service.
Direction |
Data Exchanged |
Ports and Protocols used |
Optional / Mandatory |
HCX Manager → C&C |
Log Files (Appliances(s) , App, Web, Kafka) Configuration Files HCX Database dumps |
Port 443 Protocol - HTTPS |
Mandatory |