Security and Authentication

Purpose: Gathers together topics relating to security, encryption, authentication, and the like.

Database Encryption

For database encryption, Genesys recommends using Transparent Data Encryption (TDE):

Do not use column-level encryption.

You can use configuration options in the log-filter and log-filter-data sections to control how or whether user data keys appear in the logs.

UCS/CS supports Transport Layer Security (TLS) in various ways:

For UCS, see Using TLS with UCS and related pages. The procedures described also apply to E-mail Server.
For clients of UCS, see Using TLS with UCS Clients.
UCS/CS also supports secure connections to Configuration Server.

When clients connect to UCS, there are two possible modes of authentication, specified by configuration options in the authentication section.

Single-userClients connect using the user name and password specified by the UCS options username and password. This means all UCS clients must use the same credentials. To enable single-user authentication, give the mode option a value of single-user.
Multi-UserClients are configured as Persons in the Configuration Layer, and connect to UCS using the user name and password specified by their Person object. This means that each client can have its own credentials. To enable multi-user authentication, give the mode option a value of multi-user.

These and all other UCS/CS options are described on the Configuration Options page.

Role-based access control is available in UCS/CS starting in release 8.1.0. See