Encryption using AES-256

When creating a new Datastore, Ivanti Automation automatically uses AES-256 encryption to protect the security sensitive data (for example, credentials/passwords and security context). At Administration > Information (and Setup > Database), the type of encryption is displayed: 'This database is configured to use AES-256 encryption'.

If your existing environment uses legacy encryption and you want to use AES-256 encryption, you can download the Ivanti Automation Conversion Tool from the Ivanti community (at https://community.ivanti.com/docs/DOC-65606). Before using this Conversion Tool, all Dispatchers, Consoles and Agents in your environment must be running Ivanti Automation 10.2 or higher.

If your environment uses a Datastore with AES-256 encryption, downgrading to Ivanti Automation version 10.0 or lower is not supported. Also, (re)connecting a legacy Console (version 10.0 or lower) to an AES-256 encrypted environment is not supported.

The communication between Dispatchers and Agents is automatically secured by protocol encryption (SSL).

In migration scenarios, it is possible to import Building Blocks to fill your Datastore. See also Building Blocks using AES-256 encryption.

Agents for Unix/Linux

AES-256 encryption is not supported for Agents running on the following platforms:

  • Red Hat Enterprise Linux 4.5 (x86/x64)
  • Sun Solaris 10 for SPARC
  • Sun Solaris 10 for Intel