Video Screencast Help

Is Endpoint Protection and Critical System Protection embedded database encrypted?

Created: 06 May 2012 | 1 comment

Is Endpoint Protection and Critical System Protection embedded database encrypted?

Or is it secured in other ways so as to protect the policies and login credentials?

Comments 1 CommentJump to latest comment

pete_4u2002's picture

Is there any other encryption of sensitive data between Symantec Endpoint Protection Manager and the SQL server?
Policies are converted to binary data to transfer. All passwords are encrypted.
 

When Windows Authentication mode (NTLM) is used, the "sa" account password is not required, and the "sem5" account password is not transferred, so there are no security concerns.
 

Also, the "sem5" account password is unencrypted when creating a database connection for JDBC and ODBC and uploading logs through BCP.
 

The first console user is created in the configuration wizard, and the password is encrypted. The encrypted password is transferred when the console user logs on. After the user logs on, the user can create other users, and that password is encrypted and transferred.