UC_AS_SETTINGS - Advanced Security

This Variable (VARA) object allows you to specify particular encryption and authentication methods. It is supplied in the system client 0000 and can only be changed within this client because it contains advanced security settings which are valid throughout the whole AE system.

Note: Make sure that only users with the skills needed can access this variable thus avoiding that a specified encryption and/or authorization method is modified by accident.

This variable includes the following keys:

AUTHENTICATION

  • Description: Authentication method

  • Allowed values: NO, LOCAL, and LOCAL_REMOTE

    • NO: no authentication

    • LOCAL: server authentication

    • LOCAL_REMOTE: server and agent authentication

  • Default value: NO

  • Note: Additional steps are required to change the authentication method. For more information, see Changing the Authentication Method.

  • Restart required: Server

    For more information, see Starting and Ending Server Processes.

ENCRYPTION

  • Description: Encryption method

  • Allowed values: NO, AES-128, AES-192, and AES-256

    • NO: no encryption method

    • AES-128: 128-bit key length

    • AES-192: 192-bit key length

    • AES-256: 256-bit key length

  • Default value: AES-256

  • Restart required: Server

    For more information, see Starting and Ending Server Processes.

GSS_COMPATIBILITY

  • Description: Allows you to grant or deny access to the system when (old) GSS agents authenticated with low entropy keys try to connect.

    Note:  This setting is only relevant when you use the LOCAL agent authentication method, see Authentication Methods. Keep in mind that changing the authentication method to LOCAL_REMOTE does not affect the entropy level of the authentication key.

  • Allowed values: YES and NO

    • YES: Agents authenticated with low or high entropy keys can access the system

    • NO: Only agents authenticated with high entropy keys can access the system

  • Default value: YES

  • Restart required: Server

    For more information, see Starting and Ending Server Processes.

See also: