Chat now with support
Chat with Support

Security Analytics Engine 1.2 - User Guide

Security Analytics Engine Overview Plugins Conditions Shared Policies Applications Auditing Issued Alerts Policy Overrides Fallback Password

GeoLocationPlugin Configuration

The following settings are available for the plugin in the Plugin Configuration section:

  • Maximum Days Tracking - This specifies the number of days to track the location data. By default, this is 30 days. The maximum number of days tracking data can be retained is 365 days.
(Optional) VPN Network Definitions

This section allows you to configure a list of IP/subnet network addresses associated with an internal network.

Click Add to display the following fields:

  • IP Address - This is for configuring an IPv4 or IPv6 address.
  • IP Subnet Mask - This is for configuring the optional IPv4 or IPv6 subnet mask.
  • Enable - Select this check box to enable the configured VPN network definition.
  • Delete - Click this button to remove the VPN network.

After modifying the plugin, click the Validate button in the lower right corner to check that the configuration is valid.

GeoLocationPlugin Conditions

The following types of conditions are available for this plugin:

LdapPlugin

The LdapPlugin supports the risk factors and identity information gathered from the LDAP server.

When viewing the plugin information on the Edit Plugin page, the top two fields provide information on the plugin and cannot be changed:

Instance Name

LdapPlugin1

Description

The LDAP plugin provides support for risk factors and identity information, gathered from LDAP server.

LdapPlugin Configuration

The following settings are available for the plugin in the Plugin Configuration section:

  • Server - This is the name (or IP address) of the LDAP server, Active Directory domain or the domain controller to which the Security Analytics Engine will connect. If the field is left empty, the domain controller of the current Active Directory domain is used.
  • Port - This is the TCP/IP port of the LDAP server. Active Directory uses ports 389 for LDAP and 3268 for Global Catalog. By default this is set to use port 389.
  • User Name - Enter the user name to use for connecting to the LDAP or Active Directory server.
  • Password - Enter the password for the specified user.
  • Base DN - This is the Base DN value for the LDAP server (e.g., dc=example, dc=com). If left empty, the Security Analytics Engine will attempt to automatically detect the Base DN.

After modifying the plugin, click the Validate button in the lower right corner to test the configuration.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating