https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508115#M2493 <P>By default, there is no authentication between the deployment server and its clients.&nbsp; Connections are accepted from forwarders based on the whitelist and blacklist settings.&nbsp;</P><P>You can add security by using certificates.&nbsp; See&nbsp;<A href="https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/Securingyourdeploymentserverandclients" target="_blank">https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/Securingyourdeploymentserverandclients</A></P> Wed, 08 Jul 2020 14:47:30 GMT richgalloway 2020-07-08T14:47:30Z https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508000#M2482 <P>Hi All,</P><P>I have done a deployment server setup with over 20 machines. The deployment setup is working fine.</P><P>The security team has come up with a question regarding the communication between the splunk deployment server and the forwarders.</P><P>They wanted to know whether there is any API key through which authentication happens when the forwarders contacts the deployment server.</P><P>Is there any other authentication mechanism which takes place in this communication.</P><P>Any information would be helpful.</P><P>&nbsp;</P><P>Thanks</P> Wed, 08 Jul 2020 07:40:50 GMT https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508000#M2482 naagaraj 2020-07-08T07:40:50Z https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508115#M2493 <P>By default, there is no authentication between the deployment server and its clients.&nbsp; Connections are accepted from forwarders based on the whitelist and blacklist settings.&nbsp;</P><P>You can add security by using certificates.&nbsp; See&nbsp;<A href="https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/Securingyourdeploymentserverandclients" target="_blank">https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/Securingyourdeploymentserverandclients</A></P> Wed, 08 Jul 2020 14:47:30 GMT https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508115#M2493 richgalloway 2020-07-08T14:47:30Z https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508132#M2501 <P>Hi Richgalloway,</P><P>&nbsp;</P><P>Thanks for your reply.&nbsp;</P><P>Do u also know if the certificates can also be pushed from deployment server to the clients similar to configurations.</P><P>Thanks</P> Wed, 08 Jul 2020 15:17:46 GMT https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/508132#M2501 naagaraj 2020-07-08T15:17:46Z https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/523755#M3709 <P>Yes you can push out certificates just remember the password will need to be pushed along with it and it will be hashed by each machine it gets installed on</P> Thu, 08 Oct 2020 17:00:42 GMT https://community.splunk.com/t5/Splunk-Enterprise/authentication-mechanism-between-deployment-server-and/m-p/523755#M3709 JBsplunkIT 2020-10-08T17:00:42Z