Security
Click the sixth tab to open the Security dialog.
Click the Enable Enhanced Security button to adopt the SHA-256 cryptographic digest algorithm for all digital signatures as well as for content verification and to use the TLS 1.2 protocol for communications among the BigFix components.
- The updated license was gathered.
- If you configured a Disaster Server Architecture in your BigFix environment, ensure that the Administration Tool is run on all the secondary servers of the DSA configuration that are not yet using SHA-256.
- Unsubscribe from all external sites that do not support SHA-256.
If you click Enable Enhanced Security without selecting Require SHA-256 Downloads, the SHA-256 algorithm will be used to for digital signatures and for content verification, TLS 1.2 protocol will be used for communications among the Endpoint Manager components but you will still be able to download SHA-1 content from external sites.
For more information about the BigFix Enhanced Security feature, the supported security configuration and enhanced security requirements evaluation, see Security Configuration Scenarios.