

Cipher preferences Policy Group

The Cipher preferences policy group specifies the ordered list of preferred ciphers for the encryption algorithms used for communication. When a communication is established, the algorithms defined by both partners are considered and the best matching one is chosen for the communication. To communicate at all, both partners must have at least one encryption algorithm in common. Currently, an AES key or a Triple-DES key can be used for communication.

You can modify policy parameter values by double-clicking a policy to display the Setting Properties dialog.

Cipher 0

Specifies the most preferred cipher; Cipher 1 through Cipher n follow in descending order of preference. Valid values are as follows:

AES-128

Indicates a symmetric key according to the Advanced Encryption Standard with a key length of 128 bits.

AES-192

Indicates a symmetric key according to the Advanced Encryption Standard with a key length of 192 bits.

AES-256

Indicates a symmetric key according to the Advanced Encryption Standard with a key length of 256 bits.

Triple-DES

Indicates a symmetric key according to the Triple Data Encryption Standard (Triple-DES) with a key length of 168 bits.

Note: AES-128 is considered to be faster and safer than Triple-DES. Therefore, AES-128 is used by default for communication with partners installed with CA IT Client Manager.

Default: AES-128

Cipher 1

Specifies the second most preferred cipher; Cipher 2 through Cipher n follow in descending order of preference. You can use Cipher 1 to define an additional encryption algorithm for communication or to remove an algorithm from the list of supported ciphers. Valid options are as follows: <not used>, AES-128, Triple-DES, AES-192, and AES-256.

Default: AES-256

Cipher 2

Specifies the third preferred cipher in the list; Cipher 3 follows in descending order of preference. You can use Cipher 2 to define an additional encryption algorithm for communication or to remove an algorithm from the list of supported ciphers. Valid options are as follows: <not used>, AES-128, Triple-DES, AES-192, and AES-256.

Default: AES-192

Cipher 3

Specifies the last preferred cipher in the list. You can use Cipher 3 to define an additional encryption algorithm for communication or to remove an algorithm from the list of supported ciphers. Valid options are as follows: <not used>, AES-128, Triple-DES, AES-192, and AES-256.

Default: Triple-DES
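
The matching rule described in this topic, as an added Python sketch (not CA IT Client Manager code): it expands the Cipher 0 to Cipher 3 slots into a preference list and reports what a proposed policy would negotiate with each partner, which is the check to run before setting a slot to <not used>. The topic does not state whose order wins among common ciphers, so honoring the local order is an assumption, and the partner policies are constructed.

```python
# Added illustration; slot names and values follow this topic.
NOT_USED = "<not used>"
VALID = {"AES-128", "AES-192", "AES-256", "Triple-DES"}
DEFAULT_POLICY = ["AES-128", "AES-256", "AES-192", "Triple-DES"]  # Cipher 0..3 defaults


def effective_ciphers(slots):
    """Turn Cipher 0..n slot values into an ordered, de-duplicated list."""
    ordered = []
    for index, value in enumerate(slots):
        if value == NOT_USED and index > 0:  # Cipher 0 must name a cipher
            continue
        if value not in VALID:
            raise ValueError(f"Cipher {index}: invalid value {value!r}")
        if value not in ordered:
            ordered.append(value)
    return ordered


def negotiate(local_slots, partner_slots):
    """Return the first locally preferred cipher the partner also lists.

    Assumption: the local order decides among the common ciphers.
    Returns None when the partners share no cipher and cannot communicate.
    """
    partner = set(effective_ciphers(partner_slots))
    for cipher in effective_ciphers(local_slots):
        if cipher in partner:
            return cipher
    return None


def audit_change(new_slots, partners):
    """Report, per partner, what a proposed local policy would negotiate."""
    findings = {}
    for name, slots in partners.items():
        chosen = negotiate(new_slots, slots)
        if chosen is None:
            findings[name] = "NO COMMON CIPHER"
        elif chosen == "Triple-DES":
            findings[name] = "REVIEW: Triple-DES"
        else:
            findings[name] = chosen
    return findings


# Constructed partner policies for the example.
PARTNERS = {
    "default-agent": DEFAULT_POLICY,
    "aes256-only": ["AES-256", NOT_USED, NOT_USED, NOT_USED],
    "legacy-3des": ["Triple-DES", NOT_USED, NOT_USED, NOT_USED],
}
HARDENED = ["AES-256", "AES-128", "AES-192", NOT_USED]  # Triple-DES removed
```

With the defaults, the constructed legacy partner falls back to Triple-DES; with Triple-DES removed from Cipher 3, the same partner has no cipher in common and can no longer communicate.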