Communication and Connection Security

For security-conscious organizations that require standards based encryption for protecting data communication, SSL mode can be enabled to secure the communication between the MobiControl Device Agents on the device, the Deployment Servers and the MobiControl Manager consoles have this option enabled by default.

MobiControl's SSL communication mode uses the TLS (Transport Layer Security) v1.0 Cipher Suites of the Secure Channel (SChannel) Microsoft Security Support Provider (SSP), superseding the SSL v 3.0 protocol.  These cipher suites are implemented by the Microsoft Enhanced Cryptography Provider that is built into the Windows operating system on top of which the product runs.  The encryption meets the requirements specified in the Federal Information Processing Standards Publication (FIPS PUB) for FIPS PUB 140-2 Security Requirements.

The full list of Microsoft cipher suites available with SChannel TLS v1.0 is given below, listed in order from most secure to least secure:

TLS_RSA_WITH_RC4_128_MD5

TLS_RSA_WITH_RC4_128_SHA

TLS_RSA_WITH_3DES_EDE_CBC_SHA

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_DES_CBC_SHA

TLS_DHE_DSS_WITH_DES_CBC_SHA

TLS_RSA_EXPORT1024_WITH_RC4_56_SHA

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA

TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA

TLS_RSA_EXPORT_WITH_RC4_40_MD5

TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

TLS_RSA_WITH_NULL_MD5

TLS_RSA_WITH_NULL_SHA

By default, MobiControl uses the TLS_RSA_WITH_RC4_128_MD5 cipher suite.  The selection is determined based on the minimum and maximum cipher suite strengths that are defined by the Windows operating system upon which the product runs.

SSL Configuration for Devices

Right-click on a target device or group in the device tree, click Configure Devices, then click Advanced Settings. Next, click the Configure SSL button and check the box next to Use SSL Security. Please see the Connection Security page for more information on the SSL options for configuration at the device or group level.