The enVision appliance OS using Windows 2003 has been configured to require strong encryption to be negotiated for applications that must use the cryptographic services. Strong encryption may be Federal Information Processing Standard (FIPS)-compliant encryption.
Installation of Windows applications via RDP is no longer available. All applications must be installed via local KVM access or via the DRAC on the 60-series hardware
- This setting affects Terminal Services in Microsoft Windows Server 2003. By default, when this setting is not enabled on the client or on the server, the Remote Desktop Protocol (RDP) channel between the server and the client is encrypted by using the RC4 algorithm with a 56-bit key length. After this setting is enabled, the RDP channel is encrypted by using 3DES in Cipher Block Chaining (CBC) mode with a 128-bit key length, if the client supports it. Also, a client must use the RDP client version 5.2 or a later version to connect.
- Encrypting File System (EFS) is also affected by this setting. By default, Windows XP uses the Data Encryption Standard (DESX) algorithm with a 56-bit key length. If the Windows high encryption pack is installed, the key length for this algorithm is Triple-DES (3DES) or 128 bits. By default, on Windows XP Service Pack 1 (SP1)-based and Windows Server 2003-based computers, EFS uses the Advanced Encryption Standard (AES) algorithm with a 256-bit key length. However, if you enable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing setting on these computers, the operating system will use 3DES with a 128-bit key length instead.
More information can be found at http://support.microsoft.com/kb/811833
- Installing applications via RDP