The encryption mode is used to ensure the security for data transmitted over an insecure channel and to avoid the possible disclosure of valuable information and substitution of software downloaded to the protected stations.
Dr.Web Enterprise Security Suite anti-virus network uses the following cryptographic means:
•electronic digital signature (GOST R 34.10-2001),
•asymmetric encryption (VKO GOST R 34.10-2001 – RFC 4357),
•symmetric encryption (GOST 28147-89),
•cryptographic hash function (GOST R 34.11-94).
Dr.Web Enterprise Security Suite anti-virus network allows to encrypt the traffic between Dr.Web Server and the following clients:
•Dr.Web Agents,
•Dr.Web Agent installers,
•neighbor Dr.Web Servers,
•Dr.Web Proxy-servers.
As traffic between components, in particular the traffic between Dr.Web Servers, can be considerable, the anti-virus network provides for compression of this traffic. The setting of the compression policy and the compatibility of settings on different clients are the same as those for encryption.
Settings Compatibility Policy
The encryption and compression policy is set separately for each component of the anti-virus network, at this, settings of other components should be compatible with the settings of the Dr.Web Server.
When coordinating encryption and compression settings on the Dr.Web Server and a client, please consider that certain combinations are incompatible and, if selected, will result in disconnecting the client from the Dr.Web Server.
Table below describes what settings provide the connection between the Dr.Web Server and the clients encrypted/compressed (+), when the connection will be non-encrypted/uncompressed (–) and what combinations are incompatible (Error).
Compatibility of the encryption and compression policy settings
Client settings |
Dr.Web Server settings |
||
|---|---|---|---|
Yes |
Possible |
No |
|
Yes |
+ |
+ |
Error |
Possible |
+ |
+ |
– |
No |
Error |
– |
– |
|
Encryption of traffic creates a considerable load on computers those capacities are close to the minimal system requirements for the components installed on them. So, when traffic encryption is not required to provide additional security, you can disable this mode. To disable encryption mode, you should step by step switch the Dr.Web Server and other components to the Possible mode first, avoiding formation of incompatible client-Dr.Web Server pairs.
Using the compression mode reduces traffic, but considerably increases the memory usage and the computational load on computers, more than the encryption. |
