Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1210
Views
0
Helpful
1
Replies

Stealthwatch Limitation on readonly users

Go to solution
hsangral
Cisco Employee
Cisco Employee

‎01-20-2020 04:44 AM

Hello,

 

Is there a limitations on the number of read only users that can be created on stealthwatch, I have a requirement fo 30+ user accounts that are needed to be created.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
brford
Cisco Employee
Cisco Employee

‎01-20-2020 10:03 AM

There is no practical limitation on the number of users that can be created but...

 

You should monitor the number of active or logged in users in Stealthwatch at the Stealthwatch Management Console (SMC).  The number of active users supported is listed in the documentation based on virtual or appliance.  If you have many users logged in and running queries at the same time the management console response time may increase (i.e. get slower).

 

About creating and maintaining those accounts; it's a good security practice to create accounts for people who are active users of the system.  If you find someone is not using the system; either because their responsibilities changed or because they don't work there anymore you should remove those accounts.  If you leave inactive accounts available in the system you are creating a threat surface in that a bad actor might figure out how to use that account to surveil your network.

 

 

 

 

 

 

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
brford
Cisco Employee
Cisco Employee

‎01-20-2020 10:03 AM

There is no practical limitation on the number of users that can be created but...

 

You should monitor the number of active or logged in users in Stealthwatch at the Stealthwatch Management Console (SMC).  The number of active users supported is listed in the documentation based on virtual or appliance.  If you have many users logged in and running queries at the same time the management console response time may increase (i.e. get slower).

 

About creating and maintaining those accounts; it's a good security practice to create accounts for people who are active users of the system.  If you find someone is not using the system; either because their responsibilities changed or because they don't work there anymore you should remove those accounts.  If you leave inactive accounts available in the system you are creating a threat surface in that a bad actor might figure out how to use that account to surveil your network.

 

 

 

 

 

 

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents