Steps for configuring Unified Management to centralize the management of multiple App Control Server installations.
Environment
App Control Server: All Supported Versions
Resolution
IMPORTANT NOTES
All Servers will need a User Account with the Role, Administrator (Unified Management) for initial setup.
The default Console Admin account has this Role enabled.
Each User of the Unified Management features will need an Authentication Account for each Client Server
This account does not need Administrator (Unified Management) permissions.
This account will need the Role, User (Unified Management).
This account will need permissions to the desired local features (ex: File Catalog, Custom Rules, etc)
It is recommended that each User of the Central Server have their own Authentication Account on each Client Server.
Users accessing a Client Server via the Central Server will inherit the permissions of the Authentication Account, not their own.
Actions taken by these Users will appear in Events as having been performed by the Authentication Account, not the Logged-in User of the Primary Server.
Security Protocols must match between the Central and Client Servers
Ex: If one Server is configured to only use TLS 1.3, all other connected Servers must be configured to use TLS 1.3.
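One way to check the protocol-match requirement above before linking servers, as an added example that is not part of the original article or the product. It assumes the Consoles listen on port 443, probes only TLS 1.2 and TLS 1.3, and uses appc1.mydomain.local as a hypothetical Central Server name.

```python
import socket
import ssl

# Only TLS 1.2 and 1.3 are probed; older versions are often blocked by the
# local OpenSSL build, which would make a refusal ambiguous.
VERSIONS = [ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3]


def accepted_versions(host, port=443, timeout=5.0):
    """Return the names of the TLS versions the server completes a handshake with."""
    accepted = set()
    for version in VERSIONS:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        # Only the protocol is under test here, so certificate checks are off.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        ctx.minimum_version = version
        ctx.maximum_version = version
        # A failed TCP connect raises: unreachable is not the same as refused.
        with socket.create_connection((host, port), timeout=timeout) as raw:
            try:
                with ctx.wrap_socket(raw, server_hostname=host):
                    accepted.add(version.name)
            except OSError:
                pass  # alert or reset during the handshake: version refused
    return accepted


def protocol_mismatches(central, clients, results):
    """Report each Client Server whose accepted set differs from the Central Server's."""
    baseline = results[central]
    report = {}
    for name in clients:
        if results[name] != baseline:
            report[name] = {
                "missing_on_client": sorted(baseline - results[name]),
                "extra_on_client": sorted(results[name] - baseline),
            }
    return report


if __name__ == "__main__":
    central = "appc1.mydomain.local"    # hypothetical Central Server name
    clients = ["appc2.mydomain.local"]  # Client Server from the article's URL example
    results = {h: accepted_versions(h) for h in [central] + clients}
    for host, detail in protocol_mismatches(central, clients, results).items():
        print(host, detail)
```

An empty report means every probed Client Server accepts the same TLS versions as the Central Server.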
Configure the Client Server
Log in to the Console of the Client Server with an administrative user.
Navigate to Settings > Login Accounts.
Verify a User Account exists with the Role, Administrator (Unified Management) for setup and management of Unified Management.
Verify a User Account exists with the Role, User (Unified Management) for use by users of the Central Server.
It is recommended that each User of the Central Server have their own Authentication Account.
Enable Unified Management & Add Client Servers on Central Server
Log in to the Central Server's Console with an account that has the Role, Administrator (Unified Management).
Navigate to Settings > System Configuration > Unified Management.
Click Edit and change the Unified Management option to Enabled, then click Update.
Click Edit > Add Server
Specify the Server URL for the desired Client Server (ex: https://appc2.mydomain.local)
If using a Certificate Authority issued certificate, Certificate Verification can be enabled to verify the connection if desired.
Click Authenticate and enter the credentials for the User from the Client Server with the Role, Administrator (Unified Management).
After the authentication completes, click Update.
The Server list will reload and the new Client Server will be displayed.
Authenticate With Client Server(s)
The following initial steps will be required for each User of the Central Server to access Unified Management features.
Log in to the Central Server's Console with an account that has the Role, User (Unified Management).
Hover on the Username in the upper-right corner > User Settings.
Scroll to Unified Server Authentication > relevant Client Server > Authenticate
Enter the matching credentials for the relevant Client Server and click Submit.
Verify Connected, authenticated is displayed.
Click Save
Additional Information
After connection to the Managed Server is authenticated, it remains authenticated unless the Server Address for the Managed Server changes.
Errors for Disconnected and Unreachable Servers are logged in <ServerInstallDir>\Parity Console\WebUI\Logs\php_errors.log
Unified Management permissions are split into two categories:
Administrator (Unified Management) can both use the features and change the configuration of Unified Management.
User (Unified Management) can use the features, but not change the configuration of Unified Management.
Unified Management features include:
Unified Events is a Saved View available
File Information from all Servers is available through the Central Management Server.
Rules (File Rules, Custom Rules, Memory Rules and Registry Rules) can be created from the Central Management Server and applied to some or all Managed Servers.
User Interface changes include a symbol with three cubes together, indicating that a feature has Unified Management enabled. On pages that show results from multiple Managed Servers the word Unified appears next to the page heading.