How does VigilEnt Security Manager guarantee the authenticity of report data? (NETIQKB32079)

  • 7732079
  • 02-Feb-2007
  • 08-Sep-2008

Resolution

goal
How does VigilEnt Security Manager guarantee the authenticity of report data?

fact
VigilEnt Security Manager 3.x

fact
VigilEnt Security Manager 4.x

fix

VSM data is secured by the standard database access control mechanisms provided by SQL Server. Setting an SA password in SQL Server ensures additional security. In addition, VSM/VSS v3.x implements the Series 3 protocol, which provides 56-bit DES encryption and host allow/deny access control. Host allow/deny access control allows communications between VSS and agents to be restricted by IP-address-based ACLs. Secure deployments would require configuring the agent hosts allow/deny settings to accept VigilEnt protocol connections only from the IP address of your VSS machine. This is an access control mechanism rather than an authentication-based security mechanism. Although it would take a fairly sophisticated network compromise to defeat, NetIQ designed a digital signature authentication protocol (Series 4) for VSM/VSS v4.0 to provide greater security.

VSM/VSS v4.0 implements the Series 4 protocol, which adds digital signature authentication for enhanced security. Under this implementation, even if a rogue machine were to take over the IP address of the legitimate VSS, its connections to Series 4 agents would be refused because the rogue machine does not possess the authentication token for that (or any other) Series 4 agent. Series 4 enhances both payload encryption and authentication between VSS and VigilEnt Security Agents.
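The difference between the two controls described above can be shown in a short added example. It is not NetIQ code and does not reproduce the Series 3 or Series 4 wire formats, which this article does not describe. An HMAC challenge-response stands in for the digital signature, and the `Agent` class, function names and addresses are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import secrets

# Constructed sample values (documentation address range), not from the KB article.
VSS_ADDRESS = "192.0.2.10"
ALLOWED_HOSTS = [ipaddress.ip_network("192.0.2.10/32")]


def acl_permits(peer_ip, allowed=ALLOWED_HOSTS):
    """Host allow/deny style control: decide purely on the source address."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in net for net in allowed)


def server_response(token, challenge):
    """What a server holding `token` returns for a given challenge."""
    return hmac.new(token, challenge, hashlib.sha256).digest()


class Agent:
    """Hypothetical agent that also demands proof of a per-agent token."""

    def __init__(self, token):
        self._token = token

    def new_challenge(self):
        # Fresh random nonce, so a captured response is useless for a later challenge.
        return secrets.token_bytes(32)

    def accept(self, peer_ip, challenge, response):
        if not acl_permits(peer_ip):
            return False
        expected = server_response(self._token, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    token = secrets.token_bytes(32)
    agent = Agent(token)
    challenge = agent.new_challenge()
    legit = agent.accept(VSS_ADDRESS, challenge, server_response(token, challenge))
    # A rogue host that has taken over the server's address passes the ACL,
    # but can only guess at the token, so authentication fails.
    guess = server_response(secrets.token_bytes(32), challenge)
    rogue = agent.accept(VSS_ADDRESS, challenge, guess)
    return {"legit": legit, "rogue_passes_acl": acl_permits(VSS_ADDRESS),
            "rogue_authenticated": rogue}


if __name__ == "__main__":
    print(demo())
```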

 

For more information regarding these two protocols, please refer to the following document:

https://intra.netiq.com/content/documents/approved/_Toc45703301.

 



Additional Information

Formerly known as NETIQKB32079