Configure the Basic Security Settings Using the SSO Configuration Tool
The basic security settings are the settings that control the security protocols and algorithms that
NetOps Portaluses. You can manage these settings using the Single Sign-On Configuration tool (SSOConfig) and the SSL Configuration tools, and view them in
NetOps Portal. This article details how to configure the settings using SSOConfig.
For more information about how to view these settings using
NetOps Portal, see Configure the Basic Security Settings.
Follow these steps:
- Open a terminal session on theNetOps Portalhost (as root or with thesudocommand).
- Launch the Single Sign-On Configuration tool by running the./SsoConfigcommand in the following directory:<installation_directory>/PerformanceCenter/opt/CAis the default installation directory.You are prompted to select an option. The available options correspond to the data sources running on the local server.Use the following commands as needed while you are selecting settings:
- b(go back to the previous menu)
- Enter1to configureNetOps Portal(CAPC) security settings.You are prompted to select a configuration option.
- Enter3to configureNetOps Portal(DX NetOps) security settings.You are prompted to specify the priority.ThePriorityparameter only applies toNetOps Portal.
- Enteroneof the following options:
You are prompted to select a property to configure.
- 1. Remote ValuePropagates these settings to the data sources that are registered to this instance ofNetOps Portal, including the Event Manager service, which embeds theNetOps PortalURL.NetOps Portaluses these settings only if a correspondingLocal Overridevalue is not present.To configure the scheme or port to include the correctNetOps PortalURL in threshold event email messages, useRemote Value.
- 2. Local OverrideOverrides a setting only on thisNetOps Portalinstance. This setting takes precedence over theRemote Valuesetting and the default settings.
- Enterone or moreof the following properties:When prompted, enteruto update the value and supply a new value.
- Web site security settings:
For more information about how to configure the port and website for HTTPS, see Configure the Port and Website for HTTPS.
- 6. Web Site SchemeSpecifies the URL scheme for access to theNetOps Portalwebsite. If you have set up HTTPS, enterhttps.
- 7. Web Site HostSpecifies the fully-qualified domain name of theNetOps Portalhost for all access to theNetOps Portalwebsite.To use a specified hostname in emails instead of the IP address for theNetOps Portalhost, set theRemote Valueto that hostname.
- 8. Web Site PortSpecifies the URL port for all access to theNetOps Portalwebsite.For more information about the ports to use for secured communication, see Review Installation Requirements and Considerations.
- 9. Web Site PathSpecifies the URL path for all access to theNetOps Portalwebsite.
- 7: Enable FIPSConfiguresDX NetOps Performance Managementto use FIPS-compliant encryption and hashing algorithms FIPS, and then following the prompts.For more information about FIPS-compliant encryption inDX NetOps Performance Management, see Enable FIPS-Compliant Encryption.
- 23. Custom HTTP headers to be added to our responses (Local Override)For enhanced security, adds custom HTTP headers to the HTTP responses thatNetOps Portalsends.Default:<none>For example, a common set of headers added to responses is:X-XSS-Protection:1; mode=block|X-Content-Type-Options:nosniff|Strict-Transport-Security:max-age=31536000; includeSubDomainsA vertical bar (|) separates the headers. The headers contain the header name and value separated by a colon (:).
- Enterbandbagain to go back to the first set of options.
The basic security settings are configured.