Configuring Agent Crypto

This section provides detailed procedures for configuring and maintaining the enhanced encryption package. You can use this package to encrypt messages sent by BMC Defender agents. Perform these procedures after installing the BMC Defender Apache TLS Adapter. These are required to guarantee proper encryption of data transfers between BMC Defender agents and the master BMC Defender Server.

Note

If you do not use these procedures, the agents send data using the native BMC Defender encryption. This native encryption, while very strong (based upon a robust pseudo-one-time pad algorithm), is not published. The BMC Defender native encryption is not compliant with FIPS and other specifications that demand the use of published algorithms and unique cipher keys.

Related topic

Configuring-BMC-Defender-Apache-TLS-adapter

To ensure that you are compliant with FIPS and other regulations, configure the encryption as described in this section to provide verifiable encryption of data by using encryption keys that are unique to the organization.

This section deals strictly with the message encryption used to protect communication between the agents and the BMC Defender Server. 

This section contains the following topics:

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*