User's Manual
SS‐300‐AT‐C‐60InstallationGuide
21
Chapter8 AppendixA:ServerSensorMutualAuthentication
TheSensor‐ServercommunicationbeginswithamutualauthenticationstepinwhichtheSensorandServerauthenticateeach
otherusingasharedsecret.Sensor‐Servercommunicationtakesplaceonlyifthisauthenticationsucceeds.
Onceauthenticationsucceeds,asessionkeyisgenerated.AllcommunicationbetweentheSensorandServerfromthispoint
onisencryptedusingthesessionkey.
TheSensorandServerareshippedwiththesamedefaultvalueofthesharedsecret.TheCLIcommandsareprovidedonboth
ServerandSensorforchangingthesharedsecret.
Note:Oncethesharedsecret(communicationkey)ischangedontheServer,all
SensorsconnectedtotheServerwillautomaticallybe
setuptousethenewcommunicationkey.SensorsthatarenotconnectedtotheServeratthistimewillneedtobesetupwiththesame
communicationkeyforthemtobeabletocommunicatewiththisServer.
Note:WhiletheServerisbackwardcompatible,thatis,preversion6.7Update1Sensorscanconnecttoaversion6.7Update1Server,this
isnotrecommended.OnceallSensorshavebeenupgradedtoversion6.7Update1,thesetsensorlegacyauthentication
CLIcommand
canbeusedtodisableolderSensorsfromconnectingtotheServer.