立即与支持人员聊天
与支持团队交流

Security Analytics Engine 1.1 - User Guide

Security Analytics Engine Overview Plugins Conditions Shared Policies Applications Auditing Issued Alerts Policy Overrides Fallback Password Security Settings Glossary

Security Analytics Engine Overview
Introduction
Launch the Security Analytics Engine Administration web site
Web site components

Introduction

The Security Analytics Engine from Dell™ provides an additional level of security that can be customized to fit the needs of every application. The Security Analytics Engine works by monitoring users and browsers to ensure they are not accessing applications from locations, networks, etc. that are potentially unsafe, thus reducing the threat of a malicious user or browser gaining access to your application.
How the Security Analytics Engine works
When a user attempts to access an application which uses the Security Analytics Engine, they are evaluated by a customizable risk policy to determine the risk of allowing the user access. Each risk policy is made up of conditions and modifiers which have assigned scores. For each access attempt these conditions and their associated modifiers are evaluated individually, and a single risk score is then calculated using all of the condition scores.
For example, a user could log into an application using an abnormal browser while also using a weak method of authentication. The risk policies allow you to take these two types of behavior into account by letting you apply modifiers to conditions in cases where additional circumstances may affect the risk from a triggered condition. The conditions are assigned a condition score and the modifiers are then able to increase or lessen that condition score if they are triggered at the same time. So in this case, by triggering both the abnormal browser condition and its associated weak authentication modifier, the configured condition score is further increased due to the modifier.
A condition can also have no impact on a risk score when triggered if there is a modifier applied which is configured to cancel out the condition score. If the user using an abnormal browser is also on a configured whitelist, the whitelist modifier could be applied to have a zeroing effect on both the condition it is associated with and any other modifiers that are also triggered. Assuming no other conditions are triggered, this would cause a risk score of 0 for the access attempt.
The Security Analytics Engine also allows you to include conditions without modifiers associated with them. For example, the earlier access attempts probably would not be as much of a security threat as someone that logs in from an IP address that is associated with malware. Configuring a risk policy to give the highest risk score to potential malware infected access attempts means that even if the user appears on a whitelist being used as a modifier to negate a different condition they will still receive the highest risk score.
The risk score that is calculated for each access attempt is then sent to the application which uses the risk score to determine whether to allow access, request additional authentication information from the user before allowing access, or deny access. A user may also contact a help desk operator for further assistance if they are unable to access an application due to a high risk score.
* 
NOTE: Help desk operators should see the Security Analytics Engine Help Desk User Guide for more information.

Launch the Security Analytics Engine Administration web site

You can access the Security Analytics Engine Administration web site from any computer that has network access to the server.
To launch the fallback login page of the Security Analytics Engine Administration web site
* 
NOTE: The first time the Security Analytics Engine Administration web site is launched, you are prompted to create a fallback password that is required for all future fallback logins. The fallback password can later be changed using the Fallback Password page of the Security Analytics Engine Administration web site.
Once logged in using the fallback password, the Security Analytics Engine can be configured to accept Active Directory® or LDAP credentials from the Security Settings page of the Administration web site.
1
Open your web browser and enter the URL for the fallback login page of the Security Analytics Engine Administration web site:
https://<server>/SecurityAnalyticsEngine/Fallback
* 
NOTE: Where <server> is the IP address or host name (or ‘localhost’) of the server where you installed the Security Analytics Engine.
2
When the web site is launched, enter the fallback password in the Password field.
3
Click Log in.
4
The Home page of the Security Analytics Engine Administration web site appears.
To launch the Security Analytics Engine Administration web site
* 
NOTE: Once the Security Analytics Engine has been configured to accept Active Directory or LDAP credentials from the Security Settings page of the Administration web site, the following procedure is used for non-fallback logins.
1
Open your web browser and enter the URL of the Security Analytics Engine Administration web site:
https://<server>/SecurityAnalyticsEngine
* 
NOTE: Where <server> is the IP address or host name (or ‘localhost’) of the server where you installed the Security Analytics Engine.
2
When the web site is launched, enter your username and password.
3
(Optional) Select the Keep me logged in check box to remain logged in to the Security Analytics Engine Administration web site until the Log Out option is selected.
4
Click Log in.
5
The Home page of the Security Analytics Engine Administration web site appears.

Web site components

The Security Analytics Engine Administration web site consists of the following components allowing you to navigate and use the Security Analytics Engine Administration web site.
Heading bar
Main web pages
Navigating the Security Analytics Engine Administration web site
Filter data
自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级