Chapter 8 Appendix A: Server Sensor Mutual Authentication - AirTight SS-300-AT-C-60 Installation Manual

Chapter 8 Appendix A: Server Sensor Mutual Authentication
The Sensor‐Server communication begins with a mutual authentication step in which the Sensor and Server authenticate each
other using a shared secret. Sensor‐Server communication takes place only if this authentication succeeds.
Once authentication succeeds, a session key is generated. All communication between the Sensor and Server from this point
on is encrypted using the session key.
The Sensor and Server are shipped with the same default value of the shared secret. The CLI commands are provided on both
Server and Sensor for changing the shared secret.
Note: Once the shared secret (communication key) is changed on the Server, all Sensors connected to the Server will automatically be
setup to use the new communication key. Sensors that are not connected to the Server at this time will need to be setup with the same
communication key for them to be able to communicate with this Server.
Note: While the Server is backward compatible, that is, pre version 6.7 Update 1 Sensors can connect to a version 6.7 Update 1 Server, this
is not recommended. Once all Sensors have been upgraded to version 6.7 Update 1, the set sensor legacy authentication CLI command
can be used to disable older Sensors from connecting to the Server.
21
SS‐300‐AT‐C‐60 Installation Guide