Securing communication between product components

You can secure communication between the TrueSight Capacity Optimization components by using Transport Layer Security (TLS) version 1.2 with server certificate validation. 

The components might act as a client or a server based on the context of communication. To achieve TLS mode of communication, the security certificates need to be authenticated between a client and a server. If a component is operating as a client, it requires a truststore to verify a server certificate.

The server certificate must be a certificate that is signed by a certification authority (CA) that your organization recommends. The security administrator of your organization can provide you the required CA-signed certificate or you can create a request to obtain a signed certificate from a CA.


You can switch from the default inter-component security configuration to TLS 1.2 configuration after you install the product components.  There are different communication channels established between the TrueSight Capacity Optimization components. You must perform the TLS configurations per communication channel. 

 

  Click here to see the security architecture diagram

The following security architecture diagram shows an illustration of the product components and their connections.

Note: The arrow in the diagram indicates connection initiation request from client to server.

TLS 1.2 is not supported for communication channels that involve Gateway Server and Capacity Agents.

 For detailed instructions, see the following topics:

Was this page helpful? Yes No Submitting... Thank you

Comments