Submit a ticketCall us

Training ClassThe Orion® Platform Instructor-led Classes

Provided by SolarWinds® Academy, these trainings will introduce users to the Orion Platform and its features, management, and navigation. These courses are suitable for users looking to discover new tips, tricks, and ways to adapt their Orion products to better suit their monitoring needs:
Deploying the Orion Platform
Configuring Orion views, maps, and accounts
Configuring Orion alerts and reports

Reserve your seat.

Home > Success Center > DameWare Remote Support & Mini Remote Control > DameWare - Knowledgebase Articles > DameWare encryption types

DameWare encryption types

Table of contents

Updated February 19, 2019

Overview

This article provides a summary of how Dameware secures the connection during the remote session. 

 

Dameware encryption:

Dameware MRC uses Microsoft’s built-in Cryptographic Service Providers & CryptoAPIs to provide strong encryption for authentication and remote sessions (key exchange). It encrypts all the credentials and other session information for all of its connections.  Also, MRC always uses multiple encryption algorithms (ciphers), and always tries to negotiate the strongest keys possible based on what the local and remote systems' Crypto Subsystem can be agreed upon.  
 
For direct connection:

DameWare MRC uses RSA BSAFE Crypto-C Micro Edition cryptography module which has met all Level 1 requirements for FIPS 140-2 compliance when operated in “FIPS Mode.” When this "FIPS Mode" option is set, the DameWare Mini Remote Control (DMRC) software will exclusively use the BSAFE Crypto-C ME FIPS 140-2 validated cryptographic library, which will only allow FIPS-approved encryption libraries and ciphers to be utilized.
 
For Internet Session:

RSA BSAFE Crypto-C Micro Edition + SSL (HTTPS) – MRC communication is encrypted using RSA BSAFE plus web communication uses HTTPS tunnel, so it is encrypted twice.

Environment

  • Dameware Remote Support (DRS) version 9 to 12.1.0
  • Dameware Mini Remote (MRC) version 9 to 12.1.0 

Steps

Refer to the following table for more information.

Connection initiator (name of machine or solution)

The receiver of connection (name of machine or solution)

 

Protocol (e.g. SCP, odbc ,.. ), port #

 

Encryption Method (e.g. TLS, SSH, )

 

Machine or User Authentication (e.g. certificates)

 

Data and flow direction (e.g. sending reports, receiving trades, ….)

 

Remote Control GUI

Remote Control Agent Service

 

TCP/6129

SSL, AES-256

NTLM/NTLMv2, Kerberos authentication

Remote Control Data

 

Remote Control GUI

DameWare Central Server

 

TCP/6133

SSL, AES-256

  • Windows authentication (use AD credentials used to log in to your machine and domain)
  • DameWare authentication, (your DameWare Central Server credentials).

Application License Access & Settings

 

Remote Control Agent Service

DameWare Central Server

 

TCP/6129

 

SSL, AES-256

There is no direct connection from the MRC agent to the Server (the DameWare Internet Proxy Server is between them).

 

Access Logging 

 

Remote Control Agent Service

 

DameWare Internet Proxy  Server

 

 

443

HTTP protocol over TLS/SSL

 

 

SSL

 

DameWare Server  SSL Certificate

 

A certificate for binding must include a private key. A certificate without a private key is rejected by Windows and cannot be used for encryption of communication from the central server and proxy.

 

Last modified

Tags

Classifications

Public