Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Foglight Experience Monitor 5.8.1 - Security and Compliance Field Guide

Table of Contents

FxM security overview FxM security features

Multiple layers of defense

Layer 1: Firewall Layer 2: Port scan detection and blocking tool Layer 3: Customized operating system distribution Layer 4: Apache Server configuration

User authentication and access control

FxM user authentication Foglight user authentication User authorization and privileges Strong passwords

Restricted access to the appliance

FxM access ports Secure network communication Data encryption Configuration parameters and files Defense against denial-of-service attacks Defense against web console exploits Auditing IPv6 508 compliance

User data protection

Protection of customer's data Secure use of customer's private keys SQL database access Foglight Experience Viewer integration

Product updates

Installation of FxM patches Monitoring of embedded third party components Operating system security updates

Appendix: FxM and FISMA compliance

FISMA overview NIST 800-53 categories

IPv6

Foglight Experience Monitor does not currently support IPv6. This functionality is planned for future releases.

508 compliance

The FxM’s web interface is Section 508-compliant. For details about how to enable this feature, see section “User account management” in the Foglight Experience Monitor Installation and Administration Guide.

Section 508 was enacted to eliminate barriers in information technology, to make available new opportunities for people with disabilities, and to encourage development of technologies that help achieve these goals. The law applies to all Federal agencies when they develop, procure, maintain, or use electronic and information technology. Under Section 508 (29 U.S.C. ‘794d), agencies must give to disabled employees and members of the public access to information that is comparable to the access available to others. It is recommended that you review the laws and regulations listed below to further your understanding about Section 508 and how you can support implementation. You can view web-based Intranet and Internet Information and Applications under section 1194.22.

User data protection

This section contains the following topics:

•

Protection of customer’s data

•

Secure use of customer’s private keys

•

SQL database access

•

Foglight Experience Viewer integration

Protection of customer's data

Protection of customer’s data

FxM has no intrinsic knowledge of the applications that it monitors. The system analyzes network packets on the fly, and then discards them.


	NOTE: Packets are not discarded if FxM is integrated with Foglight Experience Viewer. For more information, see Foglight Experience Viewer integration.

The network packets are never saved to the storage device in the system. FxM does store information about HTTP requests, including URLs, timing information, and customer defined variables. If configured to do so, FxM can retain the login names for customers’ applications, but not the passwords. This is done by identifying the “login variable” names and by recording these variables, which are usually transmitted in a query, form (or POST, GET), or cookie variable specific to the application. When enabled, this feature allows examination of metrics for individual user sessions identified by the specified login variables. All of FxM’s collected metrics are retained in a secure database that can only be accessed with an authorized login name and password. These metrics may contain sensitive data and should be handled accordingly. For more details, see section “Identifying user sessions” in the Foglight Experience Monitor Installation and Administration Guide.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© 2023 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center