Encrypting communication with a SEPM Microsoft SQL Server database
HOWTO128904
Last Updated September 25, 2018
When you integrate ATP with Symantec Endpoint Protection, you may want to enable SSL-encrypted communication with your SEPM database server. You only need to encrypt communication to your external Microsoft SQL Server. If you use the embedded SEPM database, ATP automatically encrypts communication to that server.
To encrypt communication, Symantec recommends that you install a signed certificate from a certificate authority (CA) on the Microsoft SQL Server. If you do not install a signed certificate from a CA, you can install a self-signed certificate. If you create and install a self-signed certificate, contact Symantec Customer Support for assistance with importing the certificate into the ATP Keystore.
For information on how to install a CA or self-signed certificate: See Installing certificates on your Microsoft SQL Server for encrypted communication with ATP .
SEPM Server database connection statuses
When you enable Symantec Endpoint Protection Correlation in ATP Manager, ATP verifies whether the communication to each enabled database is encrypted. ATP Manager then displays the status for each SEPM database connection in the > > section.
A connection is considered encrypted if the MS SQL Server ForcedEncryption option is configured for Yes, and you have a valid certificate installed. A connection is considered unencrypted if the ForceEncryption option is configured for No. In either case, ATP collects events from the database.
A Connection Error occurs if the ForcedEncryption option is configured for Yes, but you do not have a valid certificate. (For example, if you have no certificate installed, or the certificate is expired.) In this case, ATP does not collect events from the database.
If communication to one of your SEPM databases is unencrypted:
ATP Manager displays Healthy [unencrypted connection] in the Status column for that database, and after the check box.
These statuses appear even if you have other SEPM databases that are encrypted.
If communication to one of your SEPM databases is encrypted:
ATP Manager displays Healthy [encrypted connection] in the Status column for that database, and Healthy after the check box.
ATP creates an event each time it establishes a connection to a database. You can view and query these events in ATP Manager in the > logs.
See About integrating ATP with Symantec Endpoint Protection
See Enabling Synapse correlation with Symantec Endpoint Cloud
See Configuring the connection to the Symantec Endpoint Protection Manager database
Legacy ID:
v127856879_v127312507
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)