PlateSpin Migrate provides several features to help you safeguard your data and increase security.
To make the transfer of your workload data more secure, you can configure your migration jobs to encrypt the data in transit to the target. When encryption is enabled, over-the-network data transfer from the source to the target is encrypted by using AES (Advanced Encryption Standard).
You can configure your PlateSpin Server to use a data encryption algorithm that is compliant with FIPS (Federal Information Processing Standards, Publication 140-2). If compliance with FIPS is required, it must be set up on your system prior to the PlateSpin Server installation. See Enabling Support for FIPS-Compliant Data Encryption Algorithms (Optional)
in your Installation Guide.
For information on how to enable replication for a migration job, see Specifying Conversion Options.
If FIPS is enabled in the source workload, you must do the following before you migrate the workload:
In the address bar of a web browser, type the following URL to launch the PlateSpin Server Configuration Settings page:
https://Your_PlateSpin_Server/platespinconfiguration/
Log in as Administrator.
Locate the EnforceFIPSCompliance parameter and click Edit to change its value to true.
Click Save.
After you modify the settings in the configuration tool, it might take up to 30 seconds for the change to take reflect on the interface. You need not reboot or restart the services.
Discover the FIPS enabled source workload.
Data transmission between the PlateSpin Server and the PlateSpin Migrate Client can be configured to use either HTTP (default) or HTTPS (Secure Hypertext Transfer Protocol). To secure data transmission between the client and the server, enable SSL on your PlateSpin Server host and use HTTPS when specifying the server URL. See Connecting to a PlateSpin Server.
Credentials that you use to access sources and targets in workload migration jobs are:
Cached, encrypted, and securely stored by the PlateSpin Migrate Client, by using operating system APIs.
Stored in the PlateSpin Migrate database and are therefore covered by the same security safeguards that you have in place for PlateSpin Server hosts.
Included within diagnostics, which are accessible to accredited users. You should ensure workload migration projects are handled by authorized staff.
PlateSpin Migrate provides a role-based user authorization and authentication mechanism. See Configuring User Authorization and Authentication.
NOTE:If you have installed a PlateSpin Migrate Server localized for one language and a PlateSpin Migrate Client localized for a different language, do not use authorization credentials that include any language-specific characters. Using such characters in the login credentials causes miscommunication between the client and the server: the credentials are rejected as invalid.