By default, configuration data is not encrypted in the Device Server cache. Add the CACHE_ENCRYPT attribute to the NCM Infrastructure Database to encrypt the configuration data. Note that enabling encryption only takes effect if there is a change in the configuration data (if a new Device Configuration State is created).

To enable the encryption, follow this procedure.

Procedure

  1. Go to the [Product directory]/bin directory.
  2. For Linux only, source the voyence.conf file. Type: source /etc/voyence.conf
  3. Go to the [Product Directory]/cgi-bin/ directory.
  4. Run one of these commands depending on where the Device Server resides:
    • Application server: ./cflist.cgi > temp.txt
    • Remote Device server: ./cflist.cgi mode=pop > temp.txt
  5. Open the temp.txt file and add the CACHE_ENCRYPT=1 attribute to the NCM Infrastructure Database.
    For example:
    POP 1000 "linbgz222.lss.vmware.com"
    NetList= RsrcList= DevList= EmsList= :
    ADDR="10.31.151.222" AGE_DAYS=730 
    CLEANUP_DAYS=90 AD_ENABLE=0 
    AD_ARPCACHE=0 AD_DFLTROUTE=0
    AD_AUTO_RESOURCE=0
    AD_DEFAULT_POLL=0
    SNMP_TIMEOUT=500 SNMP_RETRY=3
    CM_DEBUGSESSION=0 SORTCONFIG=1 
    CM_MAXMAINTASKS=20 CM_PULLTIMER=1200 
    CUTTHRU_PULLTIMER=10 
    MAX_COMM_ATTEMPTS="5" 
    CM_SMGR_CACHING_ENABLED=1 
    CM_SMGR_SESSION_TIMEOUT=60 
    CM_SMGR_SESSIONS_PER_DEVICE=4 
    AD_BATCHSIZE=1000 AD_NUMHOP=10 
    AD_TIMEOUT=10 AD_LOOPCNT=2 
    CM_NATTEDIP_LOOKUP=1 
    CACHE_ENCRYPT=1 
    CM_SYSLOGCONFIG="local1.*;local4.*;local7.*" 
    RECORDVER="1.0"
  6. Run the command: ./cfwrite.cgi < temp.txt
  7. Restart the vcmaster service. Use the command appropriate for the operating system where [Product_Directory] is the directory where Network Configuration Manager is installed:
    • Linux: systemctl start vcmaster