TLS architecture

Figure 1 shows the TLS communication in a Server & Workload Protection environment. You can see that 10.0 or higher agents communicate with Server & Workload Protection over TLS 1.2, while 9.6 versions communicate over early TLS. Similarly, newer third-party applications use TLS 1.2, while older ones use early TLS.
Figure 1: TLS communication in a Server & Workload Protection environment

Enable the TLS 1.2 architecture

To enable TLS 1.2 in your Server & Workload Protection environment, you may need to upgrade your agents and relays. Follow these guidelines:
  • If you have 9.6 agents in your environment, you must upgrade them to 10.0 or later. Only 10.0 or later agents support TLS 1.2.
  • If you have 9.6 relays in your environment, you must upgrade them to 10.0 or later. Only 10.0 or later relays support TLS 1.2.
First, upgrade your agents:
Next, upgrade your relays:

Next steps (deploy new agents and relays)

After setting up your TLS 1.2 environment, if you decide to use a deployment script (among other methods) to deploy new agents and relays, follow the guidelines below.

Guidelines for using deployment scripts

Procedure

  1. If you are deploying an agent or relay onto Windows computers, use PowerShell 4.0 or higher, which uses TLS 1.2 to communicate with the manager or relay to obtain agent software and install it.
  2. If you are deploying an agent or relay onto Linux, use curl 7.34.0 or higher. This version uses TLS 1.2 to communicate with the manager or relay to obtain agent software and install it.
  3. If you are deploying onto Red Hat Enterprise Linux 6, which uses curl 7.19 by default, upgrade to curl 7.34.0 or later. If you can't upgrade curl, see the next step for a workaround.
  4. If you are deploying onto Windows XP, 2003, or 2008, where PowerShell 4.0 is not supported, remove these lines:
       #requires -version 4.0
       [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
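
A preflight check for steps 2 and 3 above, as an added example that is not part of the original documentation: it reads the curl version banner and fails when the version is below 7.34.0, so a Linux deployment script can stop before it tries to download agent software. The function names, the --run argument and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example: gate a Linux deployment script on the curl version the
# guidelines require. All names and sample banners here are illustrative.
MIN_CURL="7.34.0"

# Constructed sample banners (first line of `curl --version`).
SAMPLE_RHEL6="curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3"
SAMPLE_NEW="curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1k zlib/1.2.11"

# Print the X.Y[.Z] version from a banner; prints nothing if it is not curl's.
parse_curl_version() {
    printf '%s\n' "$1" |
        sed -n '1s/^curl \([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)\{0,1\}\).*/\1/p'
}

# Return 0 when version $1 >= version $2. Fields are compared as numbers,
# because a string compare would rank 7.9 above 7.34.
version_ge() {
    awk -v have="$1" -v want="$2" 'BEGIN {
        split(have, h, "."); split(want, w, ".")
        for (i = 1; i <= 3; i++) {
            if ((h[i] + 0) > (w[i] + 0)) exit 0
            if ((h[i] + 0) < (w[i] + 0)) exit 1
        }
        exit 0
    }'
}

# Classify a banner: 0 = meets the minimum, 1 = too old, 2 = unrecognised.
check_curl_banner() {
    ver=$(parse_curl_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
        return 2
    fi
    if version_ge "$ver" "$MIN_CURL"; then
        echo "ok $ver"
        return 0
    fi
    echo "too-old $ver"
    return 1
}

# Check the local curl only when called as: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then
    check_curl_banner "$(curl --version 2>/dev/null)" || exit 1
fi
```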