LANDesk® Management Gateway Encryption Update from MD5 to SHA-1 for PCI Compliance

Version 1

    May 20, 2009
    LANDesk® Management Gateway Appliance – PCI (Payment Card Industry) Support

     

    LANDesk engineering has recently completed an update to the security certificates used by the LANDesk® Management Gateway Appliance in order to allow our appliance to run in a PCI environment.  The LANDesk® Gateway Appliance will update the security algorithm from MD5 to SHA-1. SHA-1 is currently an approved level of security to qualify as a PCI compliant device.  This is in response to recent LANDesk customers requests to update our support to a PCI compliant level.

     

    A patch will be uploaded to the management gateway patch content servers on the evening of May 20th2009.  There is a dependency that must be applied on Management Gateway Appliances before this new patch will be available:

    The Broker-2.0-1.17 SHA-1 LANDesk Gateway Appliance Patch will not show up as an available patch on the LANDesk Gateway Appliance until the Openssl-0.9.8i patch is applied to the LANDesk®Management Gateway Appliance.

     

    LANDesk has also completed the work to allow for SHA-256 support which is even more secure, but a requirement to run at this level is to have our LANDesk Core servers run on Windows 2008 Server.  We look forward to introducing this additional support as part of the LANDesk “Pikes Peak” release later this year.