Due to recent security threats faced by companies such as malware there have been questions about data encryption support and SOLIDWORKS PDM. The following information describes the current support for SOLIDWORKS and PDM data encryption.
Local Disk Encryption
Currently, SOLIDWORKS does not test or validate specific disk encryption technologies. However, in most cases when the disk encryption is happening at the hardware or OS layer, there is likely no interference with SOLIDWORKS or PDM. Please consult with your IT to conduct testing with your specific encryption application. The following information describes what aspects of client and server data encryption are supported for PDM.
Encrypted File Systems (EFS)
Solution ID: S-017658
Does SOLIDWORKS® PDM support use of Microsoft® Encrypting File System (EFS) to secure traffic between archive servers and client machines?
SOLIDWORKS® PDM does not support the use of the Microsoft® Encrypting File System (EFS). Preliminary testing shows that enabling EFS on the vault view folder does not work because the SOLIDWORKS PDM Explorer shell extension is not EFS aware. Therefore, none of the files and subfolders within the vault view root folder will use EFS.
File traffic occurs over unencrypted TCP sockets between the clients and archive servers. In a Wide Area Network (WAN) environment, it is a recommendation to use VPN tunnels to secure the traffic or coordinate with your network team for alternative secure technologies. The only encrypted information is the logon information.
Details about support guidelines and policies for VPN (Virtual Private Network) can be found in the notes at the bottom of the SOLIDWORKS and SOLIDWORKS PDM System Requirements web page at:
https://www.solidworks.com/sw/support/SystemRequirements.html
SOLIDWORKS PDM Data Traffic Encryption
Solution ID: S-015879
Is data traffic between client and server in SOLIDWORKS® PDM encrypted and secure?
The following applies to encryption in a SOLIDWORKS® PDM environment:
- User credentials (username, password) are always sent encrypted between client and archive server.
- File traffic is sent over unencrypted TCP sockets between client and archive server. In a WAN environment it is recommended to use VPN tunnels to secure the traffic.
- SQL database traffic is by default unencrypted, but can be encrypted using Secure Sockets Layer (SSL). See details in solution document S-015136 accessible in SolidWorks Customer Portal.
- Web traffic is by default unencrypted but can be encrypted using SSL (HTTPS).
SOLIDWORKS PDM SQL Database Communication
Solution ID: S-015136
Is it possible to encrypt the SQL data transmitted between SOLIDWORKS0® PDM clients and Microsoft® SQL Server?
Yes, Microsoft SQL Server can use Secure Sockets Layer (SSL) to encrypt data that is transmitted across a network between an instance of SQL Server and a client. Use secure SQL communication over the network and have a certificate server, enable SSL encryption. Read more about this in the following MS Articles found here:
https://msdn.microsoft.com/en-us/library/ms189067.aspx
https://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
Also find information about using SSL in the SQL Server Books Online documentation.
Comments
Please sign in to leave a comment.