User's Manual


SS300ATC60InstallationGuide
21
Chapter8 AppendixA:ServerSensorMutualAuthentication
TheSensorServercommunicationbeginswithamutualauthenticationstepinwhichtheSensorandServerauthenticateeach
otherusingasharedsecret.SensorServercommunicationtakesplaceonlyifthisauthenticationsucceeds.
Onceauthenticationsucceeds,asessionkeyisgenerated.AllcommunicationbetweentheSensorandServerfromthispoint
onisencryptedusingthesessionkey.
TheSensorandServerareshippedwiththesamedefaultvalueofthesharedsecret.TheCLIcommandsareprovidedonboth
ServerandSensorforchangingthesharedsecret.
Note:Oncethesharedsecret(communicationkey)ischangedontheServer,all
SensorsconnectedtotheServerwillautomaticallybe
setuptousethenewcommunicationkey.SensorsthatarenotconnectedtotheServeratthistimewillneedtobesetupwiththesame
communicationkeyforthemtobeabletocommunicatewiththisServer.
Note:WhiletheServerisbackwardcompatible,thatis,preversion6.7Update1Sensorscanconnecttoaversion6.7Update1Server,this
isnotrecommended.OnceallSensorshavebeenupgradedtoversion6.7Update1,thesetsensorlegacyauthentication
CLIcommand
canbeusedtodisableolderSensorsfromconnectingtotheServer.