Configure the Basic Security Settings Using the SSO Configuration Tool

The basic security settings are the settings that control the security protocols and algorithms that
NetOps Portal
uses. You can manage these settings using the Single Sign-On Configuration tool (SSOConfig) and the SSL Configuration tools, and view them in
NetOps Portal
. This article details how to configure the settings using SSOConfig.
For more information about how to view these settings using
NetOps Portal
, see Configure the Basic Security Settings.
Follow these steps:
  1. Open a terminal session on the
    NetOps Portal
    host (as root or with the
    sudo
    command).
  2. Launch the Single Sign-On Configuration tool by running the
    ./SsoConfig
    command in the following directory:
    <installation_directory>
    /PerformanceCenter
    /opt/CA
    is the default installation directory.
    You are prompted to select an option. The available options correspond to the data sources running on the local server.
    Use the following commands as needed while you are selecting settings:
    • q
      (quit)
    • b
      (go back to the previous menu)
    • u
      (update)
    • r
      (reset)
  3. Enter
    1
    to configure
    NetOps Portal
    (CAPC) security settings.
    You are prompted to select a configuration option.
  4. Enter
    3
    to configure
    NetOps Portal
    (DX NetOps) security settings.
    You are prompted to specify the priority.
    The
    Priority
    parameter only applies to
    NetOps Portal
    .
  5. Enter
    one
    of the following options:
    • 1. Remote Value
      Propagates these settings to the data sources that are registered to this instance of
      NetOps Portal
      , including the Event Manager service, which embeds the
      NetOps Portal
      URL.
      NetOps Portal
      uses these settings only if a corresponding
      Local Override
      value is not present.
      To configure the scheme or port to include the correct
      NetOps Portal
      URL in threshold event email messages, use
      Remote Value
      .
    • 2. Local Override
      Overrides a setting only on this
      NetOps Portal
      instance. This setting takes precedence over the
      Remote Value
      setting and the default settings.
    You are prompted to select a property to configure.
  6. Enter
    one or more
    of the following properties:
    When prompted, enter
    u
    to update the value and supply a new value.
    • Web site security settings:
      • 6. Web Site Scheme
        Specifies the URL scheme for access to the
        NetOps Portal
        website. If you have set up HTTPS, enter
        https
        .
      • 7. Web Site Host
        Specifies the fully-qualified domain name of the
        NetOps Portal
        host for all access to the
        NetOps Portal
        website.
        To use a specified hostname in emails instead of the IP address for the
        NetOps Portal
        host, set the
        Remote Value
        to that hostname.
      • 8. Web Site Port
        Specifies the URL port for all access to the
        NetOps Portal
        website.
        For more information about the ports to use for secured communication, see Review Installation Requirements and Considerations.
      • 9. Web Site Path
        Specifies the URL path for all access to the
        NetOps Portal
        website.
      For more information about how to configure the port and website for HTTPS, see Configure the Port and Website for HTTPS.
    • 7: Enable FIPS
      Configures
      DX NetOps Performance Management
      to use FIPS-compliant encryption and hashing algorithms FIPS, and then following the prompts.
      For more information about FIPS-compliant encryption in
      DX NetOps Performance Management
      , see Enable FIPS-Compliant Encryption.
    • 23. Custom HTTP headers to be added to our responses (Local Override)
      For enhanced security, adds custom HTTP headers to the HTTP responses that
      NetOps Portal
      sends.
      Default:
      <none>
      For example, a common set of headers added to responses is:
      X-XSS-Protection:1; mode=block|X-Content-Type-Options:nosniff|Strict-Transport-Security:max-age=31536000; includeSubDomains
      A vertical bar (|) separates the headers. The headers contain the header name and value separated by a colon (:).
  7. Enter
    b
    and
    b
    again to go back to the first set of options.
  8. Enter
    q
    .
The basic security settings are configured.