Automatic encryption at rest for key product files

Starting from this release, key HCL Workload Automation files are automatically encrypted for all fresh installations using AES-256 or AES-128 cryptography.

Data breaches are becoming more and more common and pervasive in today's business world. Encryption is a key feature when it comes to protect sensitive data, such as the data at rest stored in your Symphony plan or message queues. For this reason, all fresh installations starting from this release automatically encrypt key product files using AES-256 or AES-128 cryptography.

Data at rest means data is not being accessed or used but instead stored on your computer, external hard drive, cloud storage, server, or database. Encryption at rest ensures that this data is protected and encrypted.

If you want HCL Workload Automation to encrypt files such as the Symphony file, messages queues, and the useropts file at runtime, you do not need to take any actions. By default, the product is automatically encrypted without your intervention. You can also define the folder containing the certificates and the certificates password using the sslpassword and sslkeysfolder parameters when installing the master domain manager and agents, both fault-tolerant agents and dynamic agents.

You can optionally avoid the encryption at installation time, by setting the useEncryption parameter in the serverinst and twsinst commands to false.

For more information, see Automatic encryption for key product files, Server components installation - serverinst script, and Agent installation parameters - twsinst script.