ServersΒΆ
A server is one of the basic data model element, a resource under surveillance.
Adding a server definition
Warning
Data model objects: users, servers, bastions and connections are replicated within the cluster and object instances must not be added on each node. In case the replication mechanism fails to copy objects to other nodes, contact technical support department.
- Select > .
- Click .
- Define server parameters.
| Parameter | Description |
|---|---|
| General | |
| Name | Object name. |
| Blocked | Select if defined object should be unavailable after creation. |
| Protocol | Server communication protocol. |
| HTTP timeout (HTTP only) | Idle time after which the user will be required to authenticate again. |
| Security (RDP only) | RDP connection’s security mode. Enhanced RDP Security (TLS) + NLA allows hiding FUDO’s login screen upon connecting to destination host. |
| Anonymous | Disables users’ authentication by FUDO. FUDO automatically creates and maintains (adds newly created anonymous servers) dedicated anonymous connection. When establishing a connection with an anonymous server, FUDO does not check if the user exists in the local database. User login credentials are forwarded to the target server which handles the authentication process. After successful authentication, FUDO starts recording the session. The only authentication method applicable to anonymous servers is static password. Enabling this option removes existing assignments to connections. After disabling this option it is necessary to assign the server to connections. |
| Ask for log in reason | Prompt the user asking for the purpose of the log in. |
| Description | Description helping to identify defined resource. |
| Announcement (RDP/VNC only) | Local server announcement displayed on user login screen. |
| External passwords repository (Applicable to Lieberman ERPM servers) | |
| Namespace | Namespace in which the given server object is defined. |
| Name | Name of the server object as defined in the specified namespace. |
| Permissions | |
| Granted users | Users allowed to manage given object. The list contains users with the admin or the operator role. For more information on user access rights refer to the Security topic. |
| Destination host | |
| Address | IP address of the destination server along with the port number on which the service being monitored is running. |
| Server certificate (RDP and HTTPS only) | Allows downloading server’s SSL certificate for verification purposes. |
| Server public key (SSH only) | Allows downloading server’s SSL certificate for verification purposes. |
| HTTP host (HTTP only) | Allows providing a specific resource on the server to be monitored. |
| Proxy | |
| Mode | Select connection mode to determine how the user will connect to target hosts. |
| Transparent - user connects to the target host by providing its actual IP address. FUDO moderates the connection with the remote host using user’s IP address. This option requires deploying FUDO in the bridge mode. | |
| Proxy - user connects to the target host by providing FUDO IP address and port number which unambiguously identifies target host. | |
| Gateway - user connects to the target host by providing its actual IP address. FUDO moderates the connection with the remote host using own IP address. | |
Bastion - user connects to the target host by including its name in the login string, e.g. ssh jon_smith#mail_server@10.0.35.10. |
|
| Local address (non-transparent configuration only) | An IP address and a port number used for connecting to the target host. A unique combination of those parameters allows for unambiguous identification of the target server. For more information on IP address assignment, refer to the Network settings topic. |
| Bind address (non-transparent configuration only) | An source IP address for sending request to give server. |
| Use HTTPS (HTTP only) | Select this option to have connections to FUDO encrypted with the SSL protocol. |
| HTTPS certificate | FUDO SSL certificate required for establishing secure HTTP connections. |
| HTTPS private key (HTTPS only) | FUDO SSL private key required for establishing secure HTTP connections. |
| TLS certificate (Enhanced Security RDP only) | TLS certificate for RDP connections requiring Enhanced RDP Security. |
| Server public key (RDP only) | Proxy server’s public key. |
Note
Click the hash function specifier to switch between SHA1 and MD5 fingerprint representation.
- Click .
Modifying a server definition
- Select > .
- Find desired server definition.
- Click server name to access server configuration parameters.
- Modify configuration values as needed.
Note
Unsaved changes are marked with an icon.
- Click .
Blocking and unblocking a server
FUDO allows blocking access to given server for all users.
Warning
Blocking a server will terminate current connections with the given server.
- Select > .
- Find and select desired server definition.
- Click to block access to given resource or to allow connecting to selected server.
- Provide descriptive reason for blocking given resource and click .
Deleting a server definition
Warning
Deleting a server definition will terminate current connections with the given server.
- Select > .
- Find and select desired server definition.
- Click .
- Confirm deleting selected objects.
Related topics: