立即与支持人员聊天
与支持团队交流

Foglight 6.3.0 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight FIPS-compliant mode Disclaimer
Usage feedback Appendix: FISMA compliance

Database repository

Collected data from Foglight® agents is stored in the repository database, which is protected through user access control. This data contains collected metrics and statistics about the systems on the monitored hosts, as well as agent configuration parameters.

Protection of communicated data

The Management Server's Web application server supports the use of TLS, in order to protect Foglight® users' login credentials. Foglight provides its own self-signed TLS certificate on the Web application server, and enables customers to provide a replacement TLS certificate of their choice. TLS certificates are managed through the JavaTM keystore on the Management Server.

Basic HTTP (non-TLS) access can be disabled by disabling the HTTP port on the server. This disables both HTTP access to the Management Server browser interface and HTTP communication for agents that use the XML-over-HTTP protocol, forcing the use of HTTPS connections.

Web application security

The Management Server's Web application server supports the use of TLS, in order to protect Foglight® users' login credentials. Foglight provides its own self-signed TLS certificate on the Web application server, and enables customers to provide a replacement TLS certificate of their choice. TLS certificates are managed through the JavaTM keystore on the Management Server.

Basic HTTP (non-TLS) access can be disabled by disabling the HTTP port on the server. This disables both HTTP access to the Management Server browser interface and HTTP communication for agents that use the XML-over-HTTP protocol, forcing the use of HTTPS connections.

Communication between Management Server and agents

Most Foglight® agents communicate with the Management Server through the included client application, the Agent Manager. The exceptions are the Java EE Technology agents that communicate with the Management Server across a separate binary protocol, and agents that use the low level XML over HTTP(S) data submission option. When activating an agent it is necessary to communicate its properties, which may include login credentials for accounts on the monitored host.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级