Chat now with support
Tchattez avec un ingénieur du support

Foglight Experience Monitor 5.8.1 - Security and Compliance Field Guide

Secure use of customer's private keys

In addition to monitoring regular HTTP traffic, FxM also provides the option of monitoring Secure Socket Layer traffic (SSL/TLS). To enable the option of monitoring SSL traffic, customers need to upload their private SSL encryption keys to FxM via the web console. These keys are naturally of high sensitivity to customers, so FxM stores the keys in a local file with restricted access and encrypts the file using the AES-256 data encryption algorithm.

FxM can also use private keys stored in a SafeNet Hardware Security Modules (HSMs) server to decrypt secure traffic. FxM accesses and uses SafeNet private keys in a secure manner consistent with the SafeNet HSM model. In particular:

SQL database access

All metrics in FxM are stored in databases using MySQL®. These metrics can be accessed externally using a tool like Toad® for MySQL. By default, remote database access is disabled when creating a new user, but the administrator can configure FxM to open up this access. This account cannot make any changes to the databases and has only the following privileges in MySQL:

When remote access is enabled for one or more users, port 3306 is opened in the appliance’s firewall.

Foglight Experience Viewer integration

FxM can be integrated with the Foglight Experience Viewer (FxV) appliance. For detailed information about FxM-FxV integration, see section “Connecting to the Foglight Experience Viewer” in the Foglight Experience Monitor Installation and Administration Guide.

FxV can capture, store, and play back the entire session for every user, providing monitoring, alerts on content, statistics for known problem outcomes, and robust search functionality for newly discovered problems. Sessions can be replayed as the user experienced them through the same browser software, or displayed as the original HTML code delivered by the system.

The combination of FxM and FxV results in more user data being captured and stored (on the FxV appliance) than described in section Protection of customer’s data. For detailed information about the security features provided by the FxV appliance, see the FxV Security and Compliance Field Guide.

Product updates

This section contains the following topics:

Documents connexes