NetOps Performance Management Architecture Question: TLS

book

Article ID: 241872

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

Application Architecture Question: Does the application use TLS 1.2 or greater to safeguard sensitive data during any network transmissions over all networks through which sensitive information is transmitted?

Does DX NetOps Performance Management use TLSv1.2 or greater for encryption and security?

Environment

All supported DX NetOps Performance Management releases

Resolution

The Note on the first page of the HTTPS configuration docs, the Enable HTTPS topic, partially answers this question.

  • TLSv1.0 and TLSv1.1 (and all SSL*) are disabled by default in jetty on both the Data Aggregator and Portal systems.
  • When configured for HTTP, the default, no security is utilized.
  • TLSv1.2 is used for the following when configured.
    • HTTPS: This applies to communications between:
      • Users and Portal web UI
      • Portal and Data Aggregator
      • Data Aggregator and Data Collector
    • LDAPS
    • SMTPS
  • ActiveMQ communication between Data Aggregator and Data Collector utilize TLSv1.2