Hi,
I am configuring NetXMS on a CentOS 6 server. My main goal is to secure monitoring services within my network. I just finished getting all Cisco devices to SNMPv3 and it works great with NetXMS.
I have a mix of Server 2003 and 2008R2 machines that I would like to force encryption on the agents. I saw an earlier post where someone was asked about whether they compiled from source and included encryption. I compiled from source so I went and checked my config.log file and it looked ok (I attached a part of the config.log file)
Is there any guidance on configuring encryption on Windows server agents?
Thank you,
A
Encryption is used by default, however it's a subject to supported ciphers and negotiation during initial handshake — with plain text fallback. To ensure that network traffic is always encrypted (or connection is rejected), add "RequireEncryption=yes" to nxagentd.conf.
Thank you Alex!
Another option is to change server configuration parameter DefaultEncryptionPolicy. Possible values are:
0 - never use encryption
1 - use encryption only if agent requests it
2 - always use encryption, fallback to unencrypted channel if agent does not support encryption
3 - always use encryption, close connection if agent does not support encryption
Best regards,
Victor