Network Communication and Encryption
A secure communication between the components that integrate an Automation Engine system relies on encryption. It secures the data flow between the components and ensures that data cannot be read or modified during transfer. You do not require external encryption solutions as this is done natively through an AES key level of your choice. As a system administrator, you decide and configure the level of encryption to be used.
Encryption is used for the following:
- Password storage within the CA Automic database repository
- Database password reference within the Automation Engine configuration file
- Communication between Automation Engines and Agents
- User interfaces and APIs
- Outbound communication
Network Communication
The Automation Engine uses the TCP/IP protocol family for data transmission. These protocols have been developed for fail-safe peripheral communication and are therefore very well suited for safe data transfer. TCP/IP needs relatively low effort for the design of redundant networks, thus making the design of highly available and fail-safe networks easy.
Encryption
You define whether the communication is encrypted or not in the ENCRYPTION key available in the UC_AS_SETTINGS variable (UC_AS_SETTINGS - Advanced Security) that is provided in system Client 0000. It is enabled by default.
The following values are allowed:
-
ENCRYPTION = NO
The communication between the components in an Automation Engine system is not encrypted.
-
ENCRYPTION = AES-128
Communication encrypted with a 128-bit key length.
-
ENCRYPTION = AES-192
Communication encrypted with a 192-bit key length.
-
ENCRYPTION = AES-256
Communication encrypted with a 256-bit key length.
The encryption strength has no negative effects on the performance of your system.
See Encrypting the Communication for detailed instructions.
See also: