Details
DB2 supports a number of authentication mechanisms. It is recommended that the DATA_ENCRYPT authentication mechanism be used.
The DATA_ENCRYPT authentication mechanism employs cryptographic algorithms to protect the confidentiality of authentication credentials and user data as they traverse the network between the DB2 client and server.
Solution
The suggested value is DATA_ENCRYPT so that authentication occurs at the server. To set this:
1. Attach to the DB2 instance:
db2 => attach to $DB2INSTANCE
2. Run the following command from the DB2 command window:
db2 => update database manager configuration using authentication data_encrypt
Default Value:
The default value for AUTHENTICATION is SERVER.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.