Chat now with support
Chat with Support

Foglight 5.9.5 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight Disclaimer
Security features for APM appliances Usage feedback Appendix: FISMA compliance

Disclaimer

Quest Software Inc. has made every effort to ensure that the information provided in this document is accurate. However, Quest makes no representation about the content and suitability of this information for any purpose. This information may be modified by Quest at any time. Nothing contained herein shall be construed as a warranty, express or implied, regarding the operation of Quest Software Inc. products.

 

Security features for APM appliances

A Foglight® monitoring environment may include one or more physical appliances and/or virtual appliances used for application performance monitoring (APM). This describes the security features present on the appliances.

 
* 
NOTE: If you are using Foglight Experience Monitor appliances and/or Foglight Experience Viewer appliances, this section does not apply. Review the guides provided with those products. For more information, see the Foglight Experience Monitor Security and Compliance Guide and the Foglight Experience Viewer Security and Compliance Guide.
Overview of APM appliances
Trust model
Multiple layers of defense
Restricted access to appliances
Logs for appliances
Data entry validation for APM dashboards
Installation of upgrades and patches
Customer data protection on appliances

Overview of APM appliances

Appliances can host one or more of the following software components: Management Server, Sniffer, and Archiver. Appliances with a Sniffer component are attached to the customer’s network where they passively monitor Web traffic. Sniffers capture, decrypt, and analyze the Web traffic, and transmit content and metrics to one or more Archivers within the same capture group as the Sniffer. Archivers receive the data from Sniffers, analyze the data, and maintain databases used for searching, reporting, and replay. Archivers send snapshots of collected data to the Management Server for display in top-level APM dashboards.

The following table describes the type of appliances that implement the security features discussed in the rest of this section. Appliances come with a predefined set of software components installed on the appliance. Appliances can be physical appliances (PowerEdge series hardware) or virtual appliances (VMware® vSphere®). Both physical and virtual appliances can exist in the same installation, with some restrictions.

 
Table 1. Appliance types
Appliance Type
Software Components
Available as a Physical Appliance
Available as a Virtual Appliance
All-in-One Appliance
Management Server
Archiver
Sniffer

Yes

No

APM Appliance
Management Server
Archiver

Yes

Yes, on separate virtual disks

Management Server Appliance
Management Server

Yes

Yes

Archiver Appliance
Archiver

Yes

Yes

Sniffer Appliance
Sniffer

Yes

Yes

Trust model

The following assumptions are made about the installed environment:
When more than one physical appliance is in use, the capture subnet ports are connected by a private cable (one Sniffer to one Archiver) or through a private network (when there is more than one Sniffer or Archiver).
An appliance’s control port is connected to the customer’s network. The IP addresses assigned within this network should preferably be private, that is, not directly accessible through the public Internet.
Only trusted, authorized personnel have physical access to the PowerEdge servers hosting physical appliances.
Only trusted, authorized personnel have user accounts on the appliances.
The password for the default setup account on each appliance is changed during the initial setup.
The password for the default foglight user in Foglight® is changed during the initial setup.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating