000036086 - Which protocols are used between a Virtual Log Collector and a local collector in RSA Security Analytics?

Document created by RSA Customer Support Employee on Mar 3, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036086
Applies ToRSA Product Set: NetWitness Logs & Packets, Security Analytics
RSA Product/Service Type: Log Collector, Virtual Log Collector (VLC)
RSA Version/Condition: 10.6.3.x, 10.6.4.x
Platform: CentOS
O/S Version: EL6
 
IssueWhich cryptographic protocols are used between a Virtual Log Collector (VLC) and a local collector in RSA Security Analytics when transferring the collected logs?
ResolutionVirtual Log Collectors use RabbitMQ to forward the collected logs to local collectors.

Beginning in RSA Security Analytics 10.6.3.0, TLS 1.0 and TLS 1.1 are disabled on both ports 5671 and 15671 leaving TLS 1.2 as the only supported protocol.

This setting can be viewed in the /etc/rabbitmq/rabbitmq.config file on the collectors.

Attachments

    Outcomes