Security

Communication security

BMC Application Diagnostics provides 3 levels of system security, ranging from unrestricted communication between BMC Application Diagnostics Server, BMC Application Management Console, and application agents, to security models that incorporate the strongest available security mechanisms.

The 3 levels of system security are:

  1. Not-secured
     On this level, all communication between components is done over plain text HTTP.
  2. Encrypted
     On this level, all communication between components is done over encrypted HTTPS. The BMC Application Diagnostics Server authenticates to the BMC Application Performance Management console and BMC Application Diagnostics Agent.
  3. Encrypted-authenticated
     On this level, all communication between components is done over encrypted HTTPS. All components authenticate to one another.

During installation, you will be requested to set the security mode. Once the security mode is set, all components will configure in the selected security mode, unless configured differently. It may take up to 10 minutes for the system to be secured.

For information about changing security settings, see Managing-security.

Authentication

By default BMC Application Diagnostics uses pre-generated self-signed certificates for authentication. If you prefer to use your own certificates, you need to create new keystore and truststore files for each component. For information about creating these files, see Managing security.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*