The table Secure Deployment Settings describes the default settings of products.

Table 1. Secure Deployment Settings
Smart Assurance version Default settings Secure Deployment settings Pros and Cons of Secure Deployment settings
10.1.5, 10.1.2, 10.1.0, 10.0.0, and 9.6.0

Communication is possible in the following ways:

  • Transport Layer Security.
  • Communication over Smarts crypto channels, for interoperability with older versions of clients/domains.
  • Authenticated, un-encrypted (Cleartext) mode for interoperability with older versions of clients/domains.

Restrict usage of the less secure communication modes such as Cleartext, keeping the interoperability requirements in mind.

Pros:

Provides better security in communication.

Cons:
  • Incompatible with the previous releases of the software
  • Slower than cleartext.
Non-FIPS mode The cryptographic settings used in non-FIPS 140 mode is secure. If FIPS validated cryptography is required, enable FIPS 140 mode. Pros:

Has all the advantages of encryption levels provided for non- FIPS mode.