Security and Authentication
Purpose: Gathers together topics relating to security, encryption, authentication, and the like.
For database encryption, Genesys recommends using Transparent Data Encryption (TDE):
- Oracle 11Tablespace-level; see http://www.oracle-base.com/articles/11g/TablespaceEncryption_11gR1.php.
- MSSQL Server 2008Database-level; see http://msdn.microsoft.com/en-us/library/cc278098(SQL.100).aspx.
Do not use column-level encryption.
Security Log Filtering
UCS/CS supports Transport Layer Security (TLS) in various ways:
- For UCS, see Using TLS with UCS and related pages. The procedures described also apply to E-mail Server.
- For clients of UCS, see Using TLS with UCS Clients.
- UCS/CS also supports secure connections to Configuration Server.
When clients connect to UCS, there are two possible modes of authentication, specified by configuration options in the authentication section.
- Single-userClients connect using the user name and password specified by the UCS options username and password. This means all UCS clients must use the same credentials. To enable single-user authentication, give the mode option a value of single-user.
- Multi-UserClients are configured as Persons in the Configuration Layer, and connect to UCS using the user name and password specified by their Person object. This means that each client can have its own credentials. To enable multi-user authentication, give the mode option a value of multi-user.
These and all other UCS/CS options are described on the Configuration Options page.
Role-Based Access Control
Role-based access control is available in UCS/CS starting in release 8.1.0. See