AlienVault Unified Security Management for Government v4.12 & RT Logic CyberC4:Alert v4.12 User Management Guide

Similar documents
User Management Guide

Using the Content Distribution Manager GUI

Assets, Groups & Networks

DocuSign for SharePoint Online v2.4

Human Computer Interaction Final Project Tutorial. Hardware Inventory Management System (HIMS) By M. Michael Nourai

henry schein secure chart patient portal

How to send s triggered by events

Table of Contents INTRODUCTION... 2 HOME PAGE Announcements... 7 Personalize & Change Password... 8 Reminders... 9 SERVICE CATALOG...

AlienVault. Unified Security Management 5.x Configuring a VPN Environment

Strategic Asset Tracking System User Guide

Fax User Guide 07/31/2014 USER GUIDE

Web Work Module User s Guide

How To Log On To The Help Desk On Manageengine Service Desk Plus On Pc Or Mac Or Macbook Or Ipad (For Pc Or Ipa) On Pc/ Mac Or Ipo (For Mac) On A Pc Or Pc Or Mp

Education Solutions Development, Inc. APECS Navigation: Business Systems Getting Started Reference Guide

Baylor Secure Messaging. For Non-Baylor Users

Usermanual Active Tracing 3.3. Full Visibility. Complete chain of consignment tracking and paperless proof of delivery

Table of Contents INTRODUCTION...2 HOME PAGE...3. Announcements... 6 Personalize... 7 Reminders... 9 Recent Items SERVICE CATALOG...

PHI Audit Us er Guide

SARS Anywhere Student Appointment and Scheduling System

Project Management WalkThrough

Telephony Toolbar Corporate. User Guide

AdventNet ManageEngine SupportCenter Plus :: User Guide. Table Of Contents INTRODUCTION... 3 REQUEST Creating a New Request...

Version End User Help Files. GroupLink Corporation 2014 GroupLink Corporation. All rights reserved

Version End User Help Files. GroupLink Corporation 2015 GroupLink Corporation. All rights reserved

ONLINE TEST ADMINISTRATION

BIG LOTS VENDOR COMPLIANCE WEB PORTAL USER GUIDE - VENDOR 300 PHILLIPI RD. COLUMBUS, OH 43228

Course Inventory Management System: Beginners Guide

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide

User Guide. Voice Services Self Care Portal. Logging In. Welcome to the Self Care Portal

AT&T Business Messaging Account Management

CJIS Online Security Awareness Training. Vendor Guide

IBM Information Server

- Spam Filtering

Managing Identities and Admin Access

Montgomery County Public Schools. MCPS Careers Applicant Tracking System (ATS) Hiring Manager User Guide

How do I share a file with a friend or trusted associate?

Bank OnLine Commercial Administrator User s Guide

Using the SB Partners Client Web Portal

Managed Security Web Portal USER GUIDE

Grant Management System Training Guide Module 1 Getting Started Accessing Your System Ver 6.1 Updated:

Table of Contents INTRODUCTION... 2 HOME Dashboard... 5 Reminders... 8 Announcements Preferences Recent Items REQUESTS...

DocuSign Connect for Salesforce Guide

Installation & Configuration Guide Professional Edition

NCAA Single-Source Sign-On System User Guide

Administering Cisco ISE

USER MANUAL (PRO-CURO LITE, PRO & ENT) [SUPPLIED FOR VERSION 3]

Parental Control Setup Guide

How to Create User-Defined Fields and Tables

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

EMC Smarts Network Configuration Manager

System Administration and Log Management

MultiSite Manager. User Guide

IceWarp Notifier User Guide

The Welcome screen displays each time you log on to PaymentNet; it serves as your starting point or home screen.

CJIS Online Security Awareness Training. TAC Guide

Applicant Tracking System Job Aids. Prepared by:

Charter Business Phone. Online Control Panel Getting Started Guide. Document Version 1.0

Salesforce Customer Portal Implementation Guide

SECURE MOBILE ACCESS MODULE USER GUIDE EFT 2013

Selection Manager: Quick Start Guide

USING THE ADMIN MENU SELECTION IN THE MY MEMBERSHIP RECORD ONLINE

USER S MANUAL. ArboWebForest

Behavioral Health System

The HealthStream Learning Center

Online Backup Management Console 3.8 User Manual

ACHieve Access 4.3 User Guide for Corporate Customers

Polar Help Desk 4.1. User s Guide

DIIMS Records Classifier Guide

TM SysAid Chat Guide Document Updated: 10 November 2009

IT HELP Desk Dashboard ManageEngine Service Desk Plus User Guide

Fixes for CrossTec ResQDesk

User Guide. SysMan Utilities. By Sysgem AG

Client Timesheet and Expense Instructions Page 1

OIG 11G R2 PS2 Field Enablement Training

SYSTEM REQUIREMENTS... 5 FREE RESOURCES... 6 GETTING STARTED...

Brother Automatic Printing OPERATION MANUAL

SuccessFactors Learning: Scheduling Management

Customer admin guide. UC Management Centre

EM Single Sign On 1.2 (1018)

STAAR Assessment Management System User s Guide. STAAR Grades 3 8 and End-of-Course Assessments

QUICK START FOR COURSES: USING BASIC COURSE SITE FEATURES

SOS SO S O n O lin n e lin e Bac Ba kup cku ck p u USER MANUAL

Introduction to IBM Digital Analytics Michigan.gov

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

DocuSign for Salesforce Administrator Guide v6.1.1 Rev A Published: July 16, 2015

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

exacqvision Web Server Quick start Guide

McAfee Endpoint Encryption Reporting Tool

USERS MANUAL FOR OWL A DOCUMENT REPOSITORY SYSTEM

Note: Files contained within the root of My Files & Folders will always be synced.

Sign in. Select Search Committee View

How to integrate Verax NMS & APM with Verax Service Desk

Cypress Connexion HELP Guide

Internet Explorer 7. Getting Started The Internet Explorer Window. Tabs NEW! Working with the Tab Row. Microsoft QUICK Source

SuccessMaker Learning Management System User s Guide Release 1.0

How to use SURA in three simple steps:

Aventail Connect Client with Smart Tunneling

Last updated: October 4, einvoice. Attorney Manual

WebEx Meeting Center User Guide

Fleet Manager II. Operator Manual

Transcription:

& RT Logic CyberC4:Alert v4.12 Copyright 2016 AlienVault. All rights reserved.

DOCUMENT HISTORY AND VERSION CONTROL Edition Date of Issue Description of Change(s) 01 08/01/15 Initial Version AlienVault, Open Threat Exchange and Unified Security Management are trademarks of AlienVault. All other company and product names mentioned are used only for identification purposes and may be trademarks or registered trademarks of their respective companies.

TABLE OF CONTENTS... 1 Table of Contents... 3 1. Introduction... 4 2. Logging into AlienVault USM... 4 3. MAIN WINDOW... 5 4. HOW TO VIEW MY PROFILE... 6 5. HOW TO VIEW CURRENT SESSIONS... 8 6. HOW TO VIEW USER S ACTIVITY... 9 7. HOW TO MANAGE USERS... 12 7.1. Create a new user... 13 7.2. Modify a user... 15 7.3. Duplicate selected user... 18 7.4. Multilevel Tree... 19 7.5. Users Activity... 20 7.6. Enabled and not enabled users... 21 7.7. Templates... 22 7.7.1. Create a new template... 23 7.7.2. Modify a template... 23 7.7.3. Delete a selected template... 25 AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 3 of 25

1. INTRODUCTION To access the information collected and generated by AlienVault, it is necessary to have a user registered in AlienVault USM. The installation creates a default user who can enter into the system for a first time in order to create and set permissions for other users. It is not possible to enter the system without a user name and a password. This default user has as username admin and as password admin. After the first successful login with the user admin, it is recommended to change the password for this user. 2. LOGGING INTO ALIENVAULT USM The first screen that appears after writing a valid IP address on a web browser is similar to the following: Figure 1. Entering AlienVault USM: user identification If this is the first time you enter into the system, this user name and password will be those you entered in the Welcome Screen : AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 4 of 25

Figure 2. Entering AlienVault USM: welcome screen 3. MAIN WINDOW The main window includes the following parts: 1. Utility Menu: Welcome <user>; Settings; Support; Logout. 2. Primary Menu: Dashboards; Analysis; Environment; Reports and Configuration buttons. 3. Help Button. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 5 of 25

4. Secondary Menu related to a specific functionality. This secondary menu changes depending on what option is activated. 5. Notification / Environment Snapshot Tray. This information is accessed through clicking on the right tab. Figure 3. Main window and its parts 4. HOW TO VIEW MY PROFILE This option is available for all users. It displays the data of the user who has entered in the system. To view your own profile, choose on the Utility Menu Settings > My Profile : AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 6 of 25

Figure 4. Main window and its parts All fields that appear can be modified except the User login field. User login. Credential required to access to AlienVault USM. It refers to the nickname that the user will use to open a session in the system. User name. This field refers to the real user name. User email. This is the e-mail address of the user. It is used to send notifications, reports, etc., to the user. User language. The interface is translated into several languages and it is possible to select a language between those configured. The configured languages are: English, Chinese simplified, Chinese traditional, French, German, Portuguese and Spanish. Timezone. This field refers to the time zone (region in Earth) where the user is located. As there may be multiple users across the globe, they will use different time zones. If you modify any field, you should click on SAVE to make changes take effect. It is compulsory to fill in all fields except User email AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 7 of 25

5. HOW TO VIEW CURRENT SESSIONS All users can view their own current session. Users having an administrator profile can view current sessions of all users. It displays a list of users that are inside the system at that moment. There are user profiles, so, depending on the assigned permission to each user, this list will display all users (admin user) or the information related to the current user. Choose on the Utility Menu Settings > Current Sessions to view current sessions in the system: Figure 5. Current Sessions being admin user This screen includes the following parts:. This button is used to refresh data.. This field allows the user to enter search criteria. Press Enter key to start the search. Username. This field refers to the user login that allows the user to gain access to AlienVault USM. Users can choose their own name. IP Address. This IP refers to the IP address that each user is using to connect to the product. Hostname. It is a label assigned to the computer connected to the network. Agent. It refers to the web browser used by the user. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 8 of 25

Session ID. This field refers to the internal name of the user and identifies the session of that user. Logon. It refers to the time and the hour at which the user has entered into the system. Last activity. It informs about how long has passed since the user stopped doing things in the system. Actions ( ). It is used to log out users. Last line (SHOWING x TO x OF x ENTRIES). This part is useful when there are a lot of users in the system. It indicates the total number of users logged at that moment in the system. Last line, right part ( ). It is used to pass from one page to another, in case of having several pages. If there is only a page, these buttons appear deactivated. The number in the middle indicates the page where the user is in that moment. The button is used to order the data in ascending or descending order. Note that the session list cannot be deleted. 6. HOW TO VIEW USER S ACTIVITY This option is only available for users having an administrator profile. It displays a list about the activity of each user. This list is useful in order to control what each user has done inside the system. Choose on the Utility Menu Settings > User Activity to view the user activity in the system: AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 9 of 25

Figure 6. User Activity This screen includes the following parts: User Activity Filter. This functionality allows the user to execute searches by several filters. These filters are Date range, User and Action. Date range. It is possible to configure a search by range of date, the button must be clicked. Click on the day you want to start the date range and, then, click on the day you want to close the date range. The highlighted days refer to the date range, which was previously selected. This date appears in the fields From and to. User. It is possible to configure a search by activity of a user by clicking on the User combo box and selecting one of them. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 10 of 25

Figure 7. User Activity: configure a filter by user Action. It is also possible, configure a search by action. Actions are already set in the system. Click on the Action combo box and select an action. Figure 8. User Activity: configure a filter by action Once the filters have been set, click on View to execute a search, which will follow those criteria. Indication of pages (<PREVIOUS NEXT>). This button is used to view the previous and next items in the list. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 11 of 25

Date. This is the date when the action has been done. User. This field refers to the user login that allows the user to gain access to AlienVault USM. Users can choose their own name Source IP. This IP refers to the IP address that each user is using to connect to the product. Code. This is a number, which identifies each action. Action. This is the description of the action that the user has made. Note that the audit events cannot be deleted. 7. HOW TO MANAGE USERS This option is only available for users having an administrator profile. Choose on the Primary Menu Configuration > Administration and then, on the Secondary Menu Users to manage users: Figure 9. User s management: main window AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 12 of 25

This screen includes the following parts: Login. Credential required to access to AlienVault USM. It refers to the nickname that the user uses to open a session in the system. Name. This is the user name of that user in the system. Email. This is the e-mail address of the user. It is used to send notifications, reports, etc., to the user. Visibility. This field informs about the group that the user belongs to. There are groups of objects used to simplify the asset management. Status. There are 2 types of status: enabled user ( ) and not enabled user ( ). Language. The interface is translated into several languages and it is possible to select a language between those configured. The configured languages are: English, Chinese simplified, Chinese traditional, French, German, Portuguese and Spanish. Creation date. The date on which that user has been created. Last login date. The last date on which that user has logged. At the bottom part of the window, it appears a navigation bar (<PREVIOUS NEXT>) and the button ( ).This button opens a quick search field: Figure 10. User s management: quick search 7.1. CREATE A NEW USER To create a new user, the instructions below should be followed: 1. Click on New. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 13 of 25

Figure 11. Create a new user 2. User login. Enter a user login. This information is necessary to enter into AlienVault USM (see Figure 1). 3. User name. Enter a user name. 4. User email. Enter a user's email. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 14 of 25

5. User language. Select the language interface from the list that appears by clicking on the combo box. 6. Timezone. Select a time zone from the list that appears by clicking on the combo box. 7. Enter user password. Enter a user password. This information is necessary to enter into AlienVault USM (see Figure 1). 8. Re-enter user password. Repeat the same password. 9. Ask to change password at next login. Force a password change next time this user enters successfully into the system by selecting Yes. Select No if you do not want to force a password change for this user. 10. Make this user a global admin. Set if the user will be a global admin (selecting Yes ) or not (selecting No ). Be a global admin means that the user has permissions to see all assets and all menu options. Admin users are represented with this icon whenever the list of users is displayed. 11. Menu Template. Click the combo box to select a template between those that are set in the system. A template can be created, modified and/or deleted. 12. Visibility. Select, by a click, the entity associated with that user. This option is mandatory and it is used to associate the user to entities and assets within the structure tree. For instance, there is a company that has 2 headquarters, one in city1 and another in city2. Each headquarter could be an entity and each entity may have their assets such as a printer, networks, laptops, phones, etc. A person who works at the headquarters of city1 will be associated with the entity city1 and to the following assets: a printer, a network and a laptop. When this user enters into the system, he will only have visibility of those 3 assets: that printer, that network and that laptop, but he will not have visibility of entity city2 or their assets. 13. Allowed Assets. To assign assets it is necessary to select, previous, an entity context. This option is not mandatory and it works as a filter within an entity. 14. Enter your current password. SAVE. Click this button to make changes take effect. 7.2. MODIFY A USER To modify a user, do one of these options: AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 15 of 25

Select the user you want to modify by clicking on the line of that user and click on Modify. Select the user you want to modify by double-click on the line of that user. Select the user you want to modify by clicking on the name of that user. Figure 12. Modify a user Once all changes have been made, click on SAVE to make changes take effect. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 16 of 25

To delete a user, select the user you want to delete by clicking on the line of that user and click on Delete selected. The system will ask for confirmation and a screen similar to the following will appear: Figure 13. Delete a selected user: confirmation screen It is possible to disable a user instead of deleting it in order to keep his configuration. If the status of a user is disabled, this user will not enter into the system (see Section 7.7) AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 17 of 25

7.3. DUPLICATE SELECTED USER It is possible to copy the information configured in a user to another user. Select the user you want to copy by clicking on the line of that user and click on Duplicate selected. Figure 14. Duplicate selected user AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 18 of 25

Fields that appear in this window are explained in Section 7.1. Notice that the system has added _duplicated in the "User login" field in order to distinguish this user from the user that has been copied. Once all changes have been made, click on SAVE to make changes take effect. 7.4. MULTILEVEL TREE This option is used to view users hierarchy and how users are arranged in entities. Figure 15. Multilevel Tree AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 19 of 25

7.5. USERS ACTIVITY This option allows the administrator to configure the user activities to be logged in the system. Choose Configuration > Administration > Users > Activity. Figure 16. Users Activity This table displays 2 columns. The left column shows the logged actions and the right column shows the actions that are not logged. To pass an item from one side to the other, drag and drop the item or use the links [+] or [-] which are next to each item. It is possible to pass all items from one side to the other by clicking the Remove all and Add all buttons. In the right part, Actions not logged, it is also possible to enter criteria in order to make a filter. Criteria must be entered in the field located on the left of Add all button. To make all changes take effect, click the UPDATE CONFIGURATION button. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 20 of 25

7.6. ENABLED AND NOT ENABLED USERS It is possible to disable a user in order to not let him enter into the system but his configuration will be saved. The icon means that user is enabled and the icon means that the user is not enabled. Click on the icon and it will turn from one status into the other. Choose Configuration > Administration > Users > User Information : Figure 17. Status of users: enabled and not enabled If the status of a user is disabled, this user will not enter into the system. The following message will appear: Figure 18. Status of users: user not enabled admin AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 21 of 25

7.7. TEMPLATES A template serves as a model for configuring user permissions in the AlienVault USM functionality. It is possible to create, modify and delete templates. Choose Configuration > Administration > Users > Templates. Figure 19. Templates This screen includes the following fields: Action bar, which includes the buttons NEW, MODIFY and DELETE SELECTED. A combo box allows the user to configure the number of entries to display. Name. It refers to the template name. Users assigned. This field informs about which users are assigned to that template. Sections allowed. This field displays the percentage of functionalities that are allowed in that template. At the bottom part of the window, it appears a navigation bar (PREVIOUS, NEXT). This button opens a quick search field: AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 22 of 25

7.7.1. CREATE A NEW TEMPLATE To create a new template, the instructions below should be followed: 1. Click on NEW. Figure 20. Create a new template 2. Write a name for this template. 3. Select functionalities you want to include in the template by clicking on the square located on the left part of each of the functionalities. 4. Click on SAVE TEMPLATE to save changes. 5. CANCEL button is used to exit this window without saving changes. 7.7.2. MODIFY A TEMPLATE To modify a template, do one of these options: Select the template you want to modify by clicking on the line of that template and click on MODIFY. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 23 of 25

Select the template you want to modify by double-click on the line of that template. Select the template you want to modify by clicking on the name of that template. A screen similar to the following appears: Figure 21. Templates: modify Select or unselect the functionalities you want to include or remove in the template by clicking on the square located on the left part of each of the functionalities. The button SELECT / UNSELECT ALL is used to select or unselect all functionalities at the same time. If you change the template name, the button SAVE AS will be active. This button is used to copy the current template and create a new one. SAVE CHANGES is used to save all changes made. CANCEL button is used to exit this window without saving changes. AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 24 of 25

7.7.3. DELETE A SELECTED TEMPLATE To delete a template, select the template you want to delete by clicking on the line of that template and click on DELETE SELECTED. The system will ask for a confirmation and a screen similar to the following will appear: Figure 22. Delete a selected template: confirmation screen AVUG-00107 Edition 01 Copyright 2016 AlienVault. All rights reserved. Page 25 of 25

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information