Changing security settings for an Analyzer

In a Real User Analyzer, a Security user can enable or disable security features for services.

To configure the following security features for services, point to Administration > Security settings and click Services.

Device management

  • SNMP — When SNMP is enabled, you can configure the system the system as a managed network device that sends SNMP traps.
  • SSH access — When SSH access is enabled, an Administrator can switch SSH access to the system command-line interface on and off.
  • Configuration API access — When configuration API access is enabled, you can configure the Watchpoints and custom fields via the Configuration API in addition to the web interface.
  • Alerts — When incident and error alerts are enabled, you can configure the system to send alerts via email to recipients when certain events occur.
  • Automatic device update checks — When automatic device update checks are enabled, the system automatically checks for software releases. These releases might consist of critical code updates or a firmware version with new features.
  • Secure REST APIs —

Data collection

  • The storage of raw site traffic data — When the data storage is enabled, the system stores data about individual hits, pages and sessions to support drilling down and export functionality in the Session Browser.

    Note

    Enabling or disabling session data storage does not impact other features, such as reports, Watchpoint streaming, and bulk data export.

    Tip

    Disabling this feature might increase the system performance.

    Warning

    Disabling this feature prevents any further data from reaching the Session Browser and renders the data storage configuration irrelevant.

User interface

  • Launching URLs in a browser window from the Session browser — When the URL launch feature is enabled, users can launch URLs from monitored traffic displayed in the web interface of the system.
  • A prelogin message — When the prelogin message is enabled, the system displays a custom message on the logon page.
     To customize this message, click Edit on the Action menu for Pre-login message. Maximum length of the message is 1024 characters, HTML is not allowed.

  • Automatic page reload — When automatic page reload is enabled, some pages automatically reload themselves after a predefined interval. This function is useful if you want to monitor data in near-real time without manually refreshing the page repeatedly.

    Note

    The automatic page-reload function might prevent inactive user sessions from timing out.

  • Inactive session timeout period — Click Edit on the Action menu for Inactive session timeout period.
    • Minimum: 5 minutes
    • Maximum: 48 hours


Data export

  • Bulk data export — When bulk data export is enabled, external applications can use the system as a source for data mining, warehousing, and other integrations (via HTTPS interfaces).
  • Watchpoint streaming — When enabled, external applications can tap directly into the system data-processing engine to receive real-time data feeds.

  • Nonsecure data transfer — By default, URL-based data exports (whether for export APIs or for Watchpoint streaming) use a secure connection (HTTPS). When nonsecure data transfer is enabled, you can specify that the actual data delivery might use a nonsecure connection (HTTP) to achieve faster transfer rates with minimal impact on the system.

    Note

    A request for nonsecure delivery is still required to perform authentication using a secure connection. The nonsecure data transfer flag is limited to allowing the actual delivery to be nonsecure.

Related topics

Configuring-account-access-policies-for-a-Collector
Configuring-access-policies-for-the-Console

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*