Does ClearPass support encrypted communication to MS SQL databases?
ClearPass can communicate with SQL data sources for authentication & authorization purposes. Such connections are established without any additional security on them, such as requiring SSL.
Given certain authentication options such as MSCHAPv2 require the extraction of cleartext passwords from the SQL server, it forms a good security practice to enable SSL connectivity on these connections. Similar structures exist for other authentication sources such as AD/LDAP servers.
ClearPass now supports encrypted communication to MS SQL databases.
In CPPM side, we are not going to set anything to force for the encrypt connection. If the server configured for force encryption, then automatically the encrypt connection will establish.
So starting from 6.4, CPPM automatically establish the encrypt connection, if the MSSQL server has the encrypt support enabled on it.