What types of encryption are used by DX Unified Infrstructure Management?

• DX UIM 23.4 or higher

• All "local" UIM encryption for example, passwords that are stored in config files, bus and account user passwords, discovery profiles, etc, use a standard encryption. This is handled by our SDK.

• Infrastructure category probes, e.g., hub, robot, nas, etc., use AES256 for encrypting passwords and other data.

• Monitoring probes also use AES256 with the latest updates.

• Older monitoring probes may be using 2-Fish algorithm, Twofish algorithm with a secret (128-bit) key.

  • After this the encrypted string is base64 encoded.

• In general, the hashing algorithm PBKDF2 is used for password checks.

• MD5 is used for lower sensitive checksums for Integrity checks.

• TLSv1.2 standard is used for Secure Communication between hubs and robots.

• RSA 2048 asymmetric: Key pairs are used for TLSv1.2 communication.

• Post-processing methods used: Convert to base64 encoding.

  • The Base64 encoding technique uses a predefined key to encrypt the password before writing to the probe configuration file.

Twofish

Other UIM components (hub tunnels, web/application servers such as the wasp probe, data_engine connection to the database, etc.) generally use SSL/TLS when configured to do so, see also:

Support for TLS v1.2 (Microsoft SQL Server)

Encrypt DX UIM Network Traffic with SSL