Manage U-Series Appliance Security Settings

Download a Crypto Key

  1. From the Maintenance menu, select Security Settings.
  2. Under Download Crypto Key Options, create an encryption password.
  3. Click Submit. The crypto key zip file is created and downloaded to your system.

Upload a Crypto Key

  1. From the Maintenance menu, select Security Settings.
  2. Under Upload Crypto Key Options, enter the encryption password.
  3. Drag and drop the crypto key zip file into the drop area or click the button to browse to the zip file.
  4. Click Generate the Uploaded Key.

Check FIPS Compliance

  1. From the Maintenance menu, select Security Settings.
  2. Under FIPS Compliance Checking, click the toggle to change it to FIPS State (Yes).
  3. Click Update FIPS Setting.
  4. You must reboot the U-Series Appliance for this setting to take effect.

Manage the U-Series Appliance API Key

The U-Series Appliance API manages the communication between U-Series Appliances when high availability is used in your environment.

The API key is automatically generated and is available to copy from the High Availability page. From this page, you can regenerate the key and apply limitations on incoming messages.

For security reasons, you might want to regenerate the key regularly.

  1. From the Maintenance menu, select Security Settings.
  2. Set the maximum age for messages, and then click Update Maximum Age. The default value is 600 minutes.
  3. Click Generate API Key.
  4. When configuring high availability between U-Series Appliances, copy the key to the High Availability page for the partner U-Series Appliance.

Turn SSL Authentication Off or On

  1. From the Maintenance menu, select Security Settings.
  2. Under Event Service SSL Requirement, click the toggle to Event Service SSL/Certificate Required (No) to ignore SSL certificate authentication.
  3. Click Submit.

 

 

We do not recommend disabling SSL certificate authentication. SSL authentication should be disabled only in certain rare circumstances, such as during testing.

Analytics & Reporting Endpoints

If the BeyondInsight Analytics & Reporting web site is unreachable, you can refresh the settings to establish the connection.

  1. From the Maintenance menu, select Security Settings.
  2. Click Refresh.

Generate and Export Certificates

  1. From the Maintenance menu, select Security Settings.
  2. To regenerate the SSL certificate to match the U-Series Appliance network name, click Generate Certificate.

This certificate will not be trusted by the client browser.

  1. To export the client certificate, enter the password for the certificate and then click Export Certificate.

Set a Security Protocol

Security Protocols

  1. From the Maintenance menu, select Security Settings.
  2. Select the security protocol that applies to your environment.
  3. Click Update Security Protocols.

 

To use TLS 1.2 on a U-Series Appliance running Windows Server 2008 R2 and SQL Server 2014, ensure the following patches have been applied to your U-Series Appliance.

Turn On HSTS

You can apply extra security to the U-Series Appliance web site by using HTTP strict transport security (HSTS) technology.

  1. From the Maintenance menu, select Security Settings.
  2. Toggle the switch to on.
  3. Click Update HSTS Setting.