Chapter 7: Using the SafeWord 2008 Management Console
Customizing SafeWord 2008
179
Reconfiguring the default login ACL
All requests for access to resources are processed through one or more ACLs.
These ACLs are a collection of access rules that are defined for a set of
resources being protected. All users must be authorized by a login ACL, and if
none is explicitly assigned, the default login ACL is applied.
To change the default ACL, in the
Default Login ACL
field, highlight the existing
text, and enter a different login ACL in its place. If none of the user’s roles
(explicit or implicit) refer to a login ACL, the Authentication Engine consults the
Default Login ACL
during authorization.
Reconfiguring logging
Each time there is an access request, the date and time of the request,
whether the authentication passed or failed, and any authorization violations
are logged in an audit log file. To allow more extended entries in the log file,
click the
Use verbose logging
check box.
Configuring the log server
The Servers tab is used to specify the IP address and port of the log server that
handles all audit log archive operations. If your deployment includes more than
one admin server, you must designate which one will perform audit log
operations. If your deployment only has one admin server in it, that server’s IP
address and port number are automatically populated in the hostname log
server and port fields. To access the
Servers
tab, select
Configuration >
SafeWord
, then set or confirm the following
Servers
tab configurations:
–
In the
Log Server
field, enter one of the following for the Admin Server
handling log operations in your network:
•
Hostname:
obtained by typing
hostname
in command prompt
(independent of IPV4 or IPV6 configuration).
•
IP Address:
obtained by typing
ipconfig
in command prompt.
Note: If using IP address and both IPV4 and IPV6 are enabled, the Log
Server should contain the IPV4 address. If IPV4 is disabled, the Log Server
should contain 127.0.0.1.
–
In the
Port
field, enter the
Port
that the Admin Server is using.