How does the encryption mechanism work in VigilEnt Security Agent for Unix? (NETIQKB31478)

goal
How does the encryption mechanism work in VigilEnt Security Agent for Unix?

fact
VigilEnt Security Agent for Unix 5.0

fact
VigilEnt Security Agent for Unix 4.0

fact
VigilEnt Security Agent for Unix 3.2

fix
The encryption mechanism generates random encryption strings that agents and the Utility Console use to encode and decode encrypted data. For an added layer of security, encryption is also tied to the host names and the passphrase that are selected for the Utility Console. The first time running the Agent Manager utility, the initial communication attempts with the agents are made using a minimally-secure encrypted phrase that needs to be updated with a secure encryption file.

Follow these steps to add the agent hosts to the host list in the Utility Console, and to synchronize encryption across the Utility Console and the agents. Completing this task successfully ensures that security-critical information cannot be viewed or used even if the communication packets are intercepted.

To synchronize the encryption files:

1. Select License | Re-Generate keys.
   
2. Select the host or hosts you want to regenerate the encryption file and click Ok.
   
3. When the regeneration process finishes, select Hosts | Scan Hosts.
   
4. Review the hosts in the summary table to make sure that they are running.

Formerly known as NETIQKB31478