Database Security 4.8 Sensors now use SHA-2
Last Modified: 2023-05-11 04:52:32 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Database Security 4.8 Sensors now use SHA-2
Technical Articles ID:
KB93646
Last Modified: 2023-05-11 04:52:32 Etc/GMT Environment
Database Security 4.8
Summary
Database Security Sensors 4.7 and earlier connect to the Server using SHA-1. With the release of Database Security 4.8, this communication uses SHA-2.
Cause
SHA-1 is considered a weak hashing algorithm and has reached End of Life. Many organizations are deprecating TLS or SSL certificates signed by the SHA-1 algorithm.
Solution
Sensors 4.8 and later only use certificates signed with SHA-2 to maintain a connection. Older versions of the sensor continue to use SHA-1 certificates as they can't validate SHA-2 certificates. Database Security server 4.8 supports both SHA-1 and SHA-2 certificates. To make sure that all new Sensor connections are first established with an SHA-2 certificate:
Older sensors can't validate the SHA-2 certificate, so the Database Security server re-establishes the connection using an SHA-1 certificate. Then, the Database Security server detects that the sensor has been updated and establishes the connection using an SHA-2 certificate. Affected ProductsLanguages:This article is available in the following languages: |
|