CorreLog, Inc.   Solutions   Download   Partners   News   Support   About Login

Solutions > CorreLog TLS / AES-256 Encryption

CorreLog follows NIST / FIPS specifications for secure processing. With no additional software, CorreLog employs secure authentication and optional data encryption between agent programs and the CorreLog server. This baseline security can be further enhanced to include Transport Layer Security (TLS) and unbreakable AES-256 encryption, furnishing complete FIPS compatibility and compliance.

 

Enhanced Encryption Overview

For those sites requiring rigorous security for their system management data, CorreLog offers its TLS / AES-256 software for enhanced internal security. This software adds a new Apache server to the system that supports HTTP TLS, and SSLv3. This package additionally enables AES-256 encrypted transfers between CorreLog agents and the main CorreLog site, and provides other security functions described here.

This optional software is particularly important for sites that require verifiable and published cryptographic algorithms. These sites may include government installations constrained to follow FIPS regulations, sites that require PCI/DSS certification, as well as sites that transmit information over the public Internet.

NOTE: The United States government regulates the export of cryptographic algorithms. The software described on this page manual cannot be incorporated in any non-domestic products, or delivered to any person or organization outside the USA. For precise information on United States cryptography export/import laws, contact the Bureau of Export Administration (BXA) (http://www.bxa.doc.gov/).

Enhanced Encryption Software Features

The Enhanced Encryption Software package adds an extra layer of security on top of the existing CorreLog security features, doubly encrypting data transfers with FIPS compliant published algorithms to provide verifiable security. Specific features of this package are as follows:

  • Authentication and Encryption of HTTP Communications. The Enhanced Encryption Software adds a secure HTTPS server to the CorreLog site, so that all data transfers between a user's browser and the CorreLog server are authenticated and encrypted using standard TLS, SSLv3. This extra software includes elements needed to make a self-signed security certificate for the CorreLog installation.

  • AES-256 Encryption of Agent Data Transfers. The Enhanced Encryption Software enables highly secure AES-256 encryption to CorreLog agent programs, which supplements the native encryption features of the agent programs with published and verifiable security.

  • Secure Key Upload Protocol. The Enhanced Encryption Software adds a secure upload protocol, which allows easy maintenance of cryptographic keys, and furnishes the ability to periodically upload keys to CorreLog agents so as to promote secure operation.

  • Encryption Self-Test. The Enhanced Encryption Software provides a secure self-test of encryption on coldstart and on demand, compliant with FIPS guidelines. Additionally, the current states of encryption keys, and any changes to these keys, are recorded for forensics and audit purposes.

The Enhanced Encryption Software furnishes a seamless integration with CorreLog, working with the various CorreLog Agent Tunneling programs (described elsewhere). For example, the user can generate and upload different encryption keys for each agent program. The central CorreLog server tracks the particular encryption version of each agent, so that changing one encryption key does not affect the processing of other agents. The result is a completely unbreakable encryption and authentication scheme for management data transfers.

Installation Requirements

The Enhanced Encryption Software is installed at the main CorreLog Server site, and does not require changes to agent or tunneling programs. Installation requires administrative access to the CorreLog Server platform (to execute the key generation Windows dialog), and also an administrative login to the CorreLog website (to upload keys to remote programs using secure key exchange protocol).

The encryption software does not require Java, or .NET, and uses minimal CPU and memory. The includes a ready-to-run configuration, and 50+ page CorreLog User Reference Manual, in Adobe PDF format, which includes complete installation and application notes.

This software is available for evaluation on user request. As previously noted, this particular package is available only to USA domestic installations, and is subject to USA export laws. Contact CorreLog sales or professional services for more help.

View Other Solutions & Services...

This is CorreLog
Security Compliance
Datasheets
 
Free Trial Download
Request Product Demo
Purchase CorreLog

Privacy  |  Product Licensing  |  Contact Us

CorreLog: High Performance Correlation, Search, and Log Management

Copyright © 2010, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.

Google, Twitter, Digg, SlashDot, Cisco, Microsoft