Given that we're deploying the agents into our production infrastructure; what is the recommendation for connectivity?
Should be use https or is the connection between the CA Lisa NES and Agent secure anyway jsut running http?
Has CA Lisa under gone any security penetration testing?
The connection between execution servers and agents uses Nimi and you can modify the Nimi config to utilise TLS, when you define the connection between NAC and Execution Server you can choose to use Https or Http. The question as to weather you should enable this level of encryption depends on the policy of your production network but it would be interesting to hear from other Release Automation users how they configure this.
I dont manage our CA Lisa service, but given that I'm promoting the tool to be used for deployment I'm interested in understanding security implications of deploying the agents to our infrastructure. AT least I can now ask an intelligent question of the service manager.
If anyone else can share their experience of securing their implementation that would be most helpful