Issue:
A customer would like to know if PME data is encrypted when stored within the SQL databases (at rest) or while being passed through web applications (in transit).
Product Line:
ION-E 6.0
SPM 7.0.1
Power Monitoring Expert 7.2.x
Power Monitoring Expert 8.x
Power Monitoring Expert 9.0
Power Monitoring Expert 2020
Power Monitoring Expert 2021
Power Monitoring Expert 2022
Power Monitoring Expert 2023
Environment:
PME databases and web applications
Cause:
A customer wants to know if PME data is encrypted when stored in the SQL databases or while being passed through web applications.
Resolution:
Data is not encrypted when passed through the Web Applications or within the database tables. It is recommended to install TLS / SSL within Internet Information Services to encrypt Web Applications data while in transit, and to restrict SQL network access and credentials to prevent unauthorized requests. We recommend that the connections between PME and the SQL database server, in Distributed Database architecture installations are encrypted using at least Transport Layer Security (TLS)1.2. This requires a certificate from a public certification authority for the SQL Server computer and the configuration of both servers to use encrypted connections.
NOTE: Only the communication between the PME application server and the database server will be encrypted, not the data in the database.
A customer would like to know if PME data is encrypted when stored within the SQL databases (at rest) or while being passed through web applications (in transit).
Product Line:
ION-E 6.0
SPM 7.0.1
Power Monitoring Expert 7.2.x
Power Monitoring Expert 8.x
Power Monitoring Expert 9.0
Power Monitoring Expert 2020
Power Monitoring Expert 2021
Power Monitoring Expert 2022
Power Monitoring Expert 2023
Environment:
PME databases and web applications
Cause:
A customer wants to know if PME data is encrypted when stored in the SQL databases or while being passed through web applications.
Resolution:
Data is not encrypted when passed through the Web Applications or within the database tables. It is recommended to install TLS / SSL within Internet Information Services to encrypt Web Applications data while in transit, and to restrict SQL network access and credentials to prevent unauthorized requests. We recommend that the connections between PME and the SQL database server, in Distributed Database architecture installations are encrypted using at least Transport Layer Security (TLS)1.2. This requires a certificate from a public certification authority for the SQL Server computer and the configuration of both servers to use encrypted connections.
NOTE: Only the communication between the PME application server and the database server will be encrypted, not the data in the database.
發佈於: 施耐德電機Taiwan
