000033992 - How to handle a request for information on Access Control and Data Security in RSA Web Threat Detection

Document created by RSA Customer Support Employee on Dec 13, 2016. Last modified by RSA Customer Support Employee on Apr 21, 2017.
Version 2

Article Content

Article Number: 000033992
Applies To:
RSA Product Set: Web Threat Detection
RSA Product/Service Type: Forensics
RSA Version/Condition: 4.6, 5.x, 6.0
 
Issue

Our customers may be undergoing internal IT audits or industry audits, such as PCI, and may require some information about WTD. We have seen that some auditors request information about the WTD software, specifically the encryption methods that are used.
Questions that may be asked include:
1) What cryptographic algorithm was used?
2) Is there encryption key rotation or digital certificate renewal in place? If yes, how often?
3) What’s the encryption key length, if a symmetric key or asymmetric key is used?
4) Does the encryption generation method or algorithm comply with X.509 standards and produce X.509 compliant keys?
 
Resolution

Here are the current best answers to the questions above.


1) What cryptographic algorithm was used?  This should consider data in motion versus data at rest.


See the attached document, which covers the certificates and how they encrypt the data throughout the environment.
It was written for v3.1, but Engineering recently confirmed that it is still accurate.
(There is a Document Enhancement Request to update it for the current 6.x versions.)


2) Is there encryption key rotation or digital certificate renewal in place? If yes, how often?


No. Keys are generated at install and will have to be replaced manually.


3) What’s the encryption key length, if a symmetric key or asymmetric key is used?


The keys created at startup are 4096-bit RSA.


4) Does the encryption generation comply with X.509 standards and produce X.509 compliant keys?


Yes.
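To give an auditor evidence for answers 2 to 4 from a certificate that is actually deployed, the following added example (not RSA's code and not part of the original article) reads a PEM certificate with the OpenSSL command line and reports its key algorithm, key length, X.509 version and expiry. The function names, the 90-day warning default and the certificate path argument are assumptions; the article does not give the WTD certificate locations.

```shell
#!/bin/sh
# Added example: audit evidence for one PEM-encoded X.509 certificate.
# Usage: audit_cert <cert.pem> [min_rsa_bits] [warn_days]
# The path is supplied by the operator; no WTD file location is assumed.

cert_field() {  # first line of `openssl x509 -text` selected by a sed expression
    openssl x509 -in "$1" -noout -text 2>/dev/null | sed -n "$2" | head -n 1
}

cert_key_alg()   { cert_field "$1" 's/^ *Public Key Algorithm: *//p'; }
cert_key_bits()  { cert_field "$1" 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p'; }
cert_version()   { cert_field "$1" 's/^ *Version: *\([0-9][0-9]*\).*/\1/p'; }
cert_not_after() { openssl x509 -in "$1" -noout -enddate 2>/dev/null | sed 's/^notAfter=//'; }

# Succeeds only if the certificate is still valid <days> from now.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# Returns 0 = all checks pass, 1 = a policy check failed, 2 = unreadable input.
audit_cert() {
    cert=$1; min_bits=${2:-4096}; warn_days=${3:-90}; rc=0
    if ! openssl x509 -in "$cert" -noout >/dev/null 2>&1; then
        echo "FAIL not a parseable X.509 certificate: $cert"; return 2
    fi
    alg=$(cert_key_alg "$cert"); bits=$(cert_key_bits "$cert")
    echo "algorithm=$alg bits=$bits x509_version=$(cert_version "$cert") not_after=$(cert_not_after "$cert")"
    if [ "$alg" != "rsaEncryption" ] || [ "${bits:-0}" -lt "$min_bits" ]; then
        echo "FAIL key is not RSA with at least $min_bits bits"; rc=1
    fi
    # Keys are not rotated automatically, so expiry has to be tracked by hand.
    if ! cert_valid_for_days "$cert" "$warn_days"; then
        echo "FAIL certificate expires within $warn_days days; replacement is manual"; rc=1
    fi
    return $rc
}
```

Run `audit_cert` against each certificate described in the attached document and keep the printed line with the audit record.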

Attachments
