- Security >
- Security Overview
Security Overview¶
On this page
To ensure the security of your MongoDB Agents, Ops Manager hosts, and MongoDB deployments, Ops Manager supports the following security options.
TLS for Encrypted Connections¶
Ops Manager supports encrypted connections using TLS server or client certificates. Client certificates identify the user while server certificates identifies the host.
- The MongoDB Agent uses TLS server or client certificate that the
legacy Automation Agent used.
- If the legacy Monitoring Agent used its own TLS server or client certificate before the update to the MongoDB Agent, Monitoring continues to use that certificate.
- If the legacy Backup Agent used its own TLS server or client certificate before the update to the MongoDB Agent, Backup continues to use that certificate.
- Ops Manager can connect to its backing databases using TLS server or client certificates.
- Ops Manager users can connect to the Ops Manager console or API using TLS server certificates.
Authentication Mechanisms¶
Authenticate with Deployments¶
Ops Manager supports these mechanisms to authenticate the Ops Manager Application and its Agents with your MongoDB processes:
| From | To | MONGODB-CR | SCRAM-SHA-1 | SCRAM-SHA-256 | x.509 | Kerberos | LDAP |
|---|---|---|---|---|---|---|---|
| Ops Manager | Backing Database | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon |
| MongoDB Agent | MongoDB Processes | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon |
| Your Application Clients | MongoDB Processes | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon | check circle icon |
Note
Kerberos and LDAP authentication is available with MongoDB Enterprise only.