Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Foundation License Inclusions and Implementation Guide
  3. Section III. Data Collector Policy Configuration and Reports
  4. Configure Backup Exec
  5. Upgrade troubleshooting: Microsoft SQL Server and Java 10
IT Analytics Foundation License Inclusions and Implementation Guide

Upgrade troubleshooting: Microsoft SQL Server and Java 10

With release version 10.3 introducing support for Java 10, older versions of MS SQL Server may encounter compatibility issues. The following section covers potential workarounds. Collection occurs from the Microsoft SQL Server database used by the system the data collector is collecting from. The version of Java used by IT Analytics version 10.3 disables some insecure TLS algorithms by default. If collection fails with the following error in the collector logs, the version of MS SQL Server may be incompatible and not allow collection using the TLS algorithms enabled by default with Java 10.

Failed to establish JDBC connection to: jdbc:jtds:sqlserver://...
java.sql.SQLException: Network error IOException: null
at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:437)

Upgrade MS SQL Server to the latest version to enable secure collection. Your MS SQL Server version may not be supported for IT Analytics version 10.3. If upgrade is not possible, a workaround can be attempted to restore compatibility. If the following steps do not resolve the issue, your version of MS SQL Server is not supported.

Use the following steps to modify the enabled algorithms to allow communication with the data collector:

  1. Edit <collector install dir>/jre/conf/security/java.security.

  2. Search for jdk.tls.disabledAlgorithms.

  3. Copy the existing lines and comment (to have a backup for easy restore).

    #jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    #    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
    jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
  4. Remove 3DES_EDE_CBC.

    #jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    #    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
    jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, RC4_40
  5. Save the file.

  6. Run checkinstall and verify collection succeeds.

    If checkinstall does not succeed, each of the following algorithms can be individually re-enabled in an attempt to restore compatibility.

  7. If checkinstall does not succeed, restore, remove RC4_40, save, re-run checkinstall.

    #jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    #    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
    jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, DES40_CBC, 3DES_EDE_CBC
  8. If checkinstall does not succeed, restore, remove DES40_CBC, save, re-run checkinstall.

    #jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    #    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
    jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, RC4_40, 3DES_EDE_CBC
    					
  9. If checkinstall does not succeed, restore, change the DH keySize as follows, save, re-run checkinstall.

    #jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
    #    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
    jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 768, \
    EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
  10. After a working configuration is found, restart the collector service.

Feedback

Was this page helpful?
Previous

Prerequisites for adding data collectors (Veritas Backup Exec)

Next

Installation overview (Veritas Backup Exec)

Feedback

Was this page helpful?