Sun Java System Directory Server Enterprise Edition 6.3 Installation Guide

SSL and 3DES Keys Protection Summary

Table 10–1 summarizes how Identity Synchronization for Windows protects sensitive information that is sent over the network.

Table 10–1 Protecting Sensitive Information Using Network Security

Use this Protection Method / Between the Following Information Types:

LDAP over SSL (optional) 

  • Directory Server Connector and Directory Server, Active Directory Connector and Active Directory

  • Directory Server Plug-in and Active Directory

  • Command line interfaces and the product’s configuration directory

  • Console and the product’s configuration directory

  • Console and Active Directory Global Catalog

  • Console and Active Directory domains or Directory Servers being synchronized

  • Message Queue broker and the product’s configuration directory

  • Connectors, system manager, central logger, command line interfaces, and Console may authenticate the Message Queue over LDAPS

  • Installer and the Configuration Directory Server

  • Installer and Active Directory

  • Installer and the Directory Server being synchronized

Encrypted with 3DES keys (default)

  • Directory Server Connector and Directory Server Plug-in (all data)

  • Windows NT Connector, Windows NT Password Filter DLL, and Windows NT Change Detector (all data)

  • All sensitive information in the product’s configuration directory

  • All messages sent between connectors and subcomponents (encrypted with per-session 3DES keys)

  • All (non-log) messages sent over Message Queue

Figure 10–1 contains an overview of the security features discussed in this section.

Figure 10–1 Security Overview for Identity Synchronization for Windows

[Figure: Physical deployment of Identity Synchronization for Windows components]