|Applies To||RSA Product Set: NetWitness Logs & Packets, Security Analytics|
RSA Product/Service Type: Log Collector, Virtual Log Collector (VLC)
RSA Version/Condition: 10.6.3.x, 10.6.4.x
O/S Version: EL6
|Issue||Which cryptographic protocols are used between a Virtual Log Collector (VLC) and a local collector in RSA Security Analytics when transferring the collected logs?|
|Resolution||Virtual Log Collectors use RabbitMQ to forward the collected logs to local collectors.|
Beginning in RSA Security Analytics 10.6.3.0, TLS 1.0 and TLS 1.1 are disabled on both ports 5671 and 15671 leaving TLS 1.2 as the only supported protocol.
This setting can be viewed in the /etc/rabbitmq/rabbitmq.config file on the collectors.