Proper registration of devices is critical to the proper functioning of the solution. Any discrepancy between the registration and the actual access data affects the software behavior.
You can manage your devices in the module options Devices ➔ Devices menu. In this report you have access to all devices data.
In the main device list the Connectivity column has the record of the last asynchronous test of connectivity to the devices, by default this test is done every 3 minutes.
You can register the device through the quick actions menu (Green file icon on top) or click on actions then click "New".
On the new Device screen, you have three tabs with information pertinent to the device to perform the segregation of access and perform connectivity for other functionalities. Such as Proxy or Password Change.
The minimum required fields are all in the main Information tab.
The entities Device type and Site are segregators in the senhasegura permission system. That means changing or inactivating may affect user access to Devices and Credentials. Also may affect the user experience in reports and dashboards.
IP, hostname or management URL: Network address, hostname, or IP through which the device is registered and that is reachable by the platform;
Device name: Device name for internal use of senhasegura . There is no need to be the same hostname as the device. This name will be used for segregation;
Device type: Device type;
Vendor: Device manufacturer;
Product: Device model;
Site: Division to which the device belongs;
Domain: List of domains to which the device belongs;
Tags: Tags for distinction of use. Used for filters and segregation;
The fields Device type , Vendor , Product and Site can be registered directly on the new device screen even if the given value does not exist.
All registration, modification and inactivation operations of Devices and their attributes are sent via Syslog.
In the Connectivity tab, is necessary to configure which protocols and ports the device accepts. When you add a connectivity option, you can change the port number and perform the connectivity test, Connectivity tests are performed via TCP socket.
Network Connector Field
If you have your device in a separate network or networks with IP overlap, you can select a Network Connector to be used as a connector to this device, all Network Connector registered will be listed, or none if no Connector is avaiable.
For more information how manage the Connectors go to Network Connector.
Through the Connectivity settings, you can set the device to allow or not the use for Proxy connections or use by other modules, can be set which connectivity type will be used and which Port.
The protocol list is fixed. The user is not allowed to inactivate or create new connectivity types.
It is possible to configure senhasegura to use the device with two applications and the same protocol but on different ports.
When modifying the default port of connectivity, the change will only be reflected current edited device, not being applied to Devices already registered.
In the Additional settings tab, if needed you can register information to work with this device.
Is an option to set the criticality of the device with High, Medium, or Low.
Remote session settings
It's recommended that whenever possible use protocols with encryption support, but if sometimes not possible to replace old devices or with a custom interface, devices still must be protected and managed by senhasegura, then Remote session settings might be helpful.
You can register regular expressions to handle custom authentications on devices that use command-line protocols such as Telnet.
Deactivating a device
When activating a previously inactivated device, the credentials associated with it will not be activated.
To batch disable a device, go to Devices ➔ Devices:
Check the checkbox according to the device you want to disable
Click on the button Disable devicesinfo
If no checkbox is selected and you click Disable devices an Attention message will be shown on the screen asking you to select at least one record.
Confirm by clicking Yes if you really want to inactivate the device or cancel by clicking Noinfo
A window called Confirmation is shown asking if you confirm the inactivation of the selected device and a warning message that when inactivating the device all passwords linked to it will also be inactivated.
After completing this operation, a success message is displayed.
Every device deactivation is notified via Syslog, since deactivating devices is an atypical situation, and should always be notified, especially in batch deactivation. In addition, if you have a monitoring system, it can configure this event to be notified.