More and more we are seeing large clusters that extend across large geographical areas. DataMiner agents need to synchronize with other agents in distant points. In those cases, the communication traffic may traverse multiple routers, firewalls and in some cases even cross the public internet.
I would like to know what security measures are in place by default to secure SLNet communication between DataMiner agents that belong to the same DMS. What are the native capabilities DataMiner has available to encrypt the communication between agents? What are the recommended practices and configurations?
If possible, share links to those materials that explain how to set up secure communication between agents, if not done by default.
Thanks
All SLNet communication of a DataMiner Agent can be configured to use encrypted connections. Data sent over those connections will be encrypted with a Rijndael algorithm, using a 256-bit session key (negotiated during authentication via a 1024 bit RSA key pair).
Details on how to configure this can be found in the DataMiner help (link).
Also referring to following question:
https://community.dataminer.services/question/communication-dma-to-dma-or-dma-to-dataminer-client/
Since 10.0.11.0 it's also possible to configure TLS encryption between the Elastic nodes of the DMS (only for new Elastic installations)
Note this setting will be enabled by default starting from 10.0.13