CA Workload Automation ESP encryption with ESP Workstation. We're looking at encrypting mainframe traffic, question is for Workstation session logon and traffic. we're running ESP r11.4 with ACF2 r16 on z/OS 2.2.

Is Workstation authentication logonid/password encrypted between client and manager? Is any other workstation<>manager traffic encrypted? What is required to implement encryption? 

Release:
Component: ESPWA

Workstation (WKS) communicates with workstation server (WSS) using TCPIP. WKS and WSS makes handshake on the begining of comunication and establish password for their session. After the handshake WSS and WKS communicates encrypted only. Workstation uses DES-56 encryption. Which is not very strong encryption nowadays. If you would like additional security for their communication, I would recommend to use VPN, because VPN will create encrypted tunnel with encryption you will setup.

Another solution is to set up AT-TLS on mainframe for WSS STC and Stunnel on the PC where ESP Workstation is installed.  Note: Both are configured outside of ESP WSS and Workstation.