cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
141
Views
0
Helpful
2
Replies
Highlighted
Beginner

Stealthwatch - MFA and/or Access Control

I see that the Stealthwatch SMC GUI (7.2) supports MFA via Radius - but looking at ways to limit access to other components such as the CLI on the SMC, as well as the CLI or GUI on the Flow Collectors or Flow Sensors?

 

Does Stealthwatch support the concept of access control lists (by ip subnet, etc...)?

 

Thanks in advance for your assistance

 

Bob

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Bob,

For GUI - You can create and edit user roles that limits certain feature functionality from within the WebUI. Once logged in find the gear icon at the top right of the UI and select User Management.
For CLI - This is not supported. It is not recommended to make changes to the devices internal ip tables.

I will mention the feature AIDE (Advanced Intrusion Detection Environment (AIDE) which might interest you if you are concerned with monitoring changes made to your systems. When it is enabled, AIDE runs an audit of the current system once a day. It compares the hash sum, permissions, and time accessed of each monitored file on the current file system against the values stored in the appliance database. 

Hope this helps.

Ben

View solution in original post

2 REPLIES 2
Highlighted
Cisco Employee

Bob,

For GUI - You can create and edit user roles that limits certain feature functionality from within the WebUI. Once logged in find the gear icon at the top right of the UI and select User Management.
For CLI - This is not supported. It is not recommended to make changes to the devices internal ip tables.

I will mention the feature AIDE (Advanced Intrusion Detection Environment (AIDE) which might interest you if you are concerned with monitoring changes made to your systems. When it is enabled, AIDE runs an audit of the current system once a day. It compares the hash sum, permissions, and time accessed of each monitored file on the current file system against the values stored in the appliance database. 

Hope this helps.

Ben

View solution in original post

Highlighted

Thanks Ben, I greatly appreciate the reply and the information

 

Bob

Content for Community-Ad