To enable packet log encryption:
- Click Domain, Devices, <Sensor Name>.
- Click Setup, Advanced, Alerting Options.
- For Enable Packet Log Channel Encryption, select Yes.
NOTE: This functionality might cause alert processing delays on setups with a high alert rate.
When you enable or disable packet log encryption, the packet log connection between the Manager and Sensor temporarily disconnects. The connection then reconnects after it successfully renegotiates.
IMPORTANT: For version 9.x only, to stop null ciphers from being used in Manager to Sensor communication, you must modify the ems.properties file.
You do not need to modify this file for 10.x or later.
- Click the Manager icon in the notification area and select Stop Manager.
- Open ems.properties in Notepad or any other plain text editor.
- Search for the iv.core.ism.ssl.allowNullEncryption entry and change the value from true to false.
For example: iv.core.ism.ssl.allowNullEncryption=false
- Save your changes.
- Click the Network Security Manager icon in the notification area and click Start Manager.
