...
The following options may be set:
- Authentication Key: At the time of installation, the Snare Enterprise Agents and the Snare Agent Manager have the same predefined Authentication Key
DEFAULT_AUTH_KEY__USER_TO_UPDATE
. To update the Authentication Key between agents and SAM, you may either click the key button to auto generate a new key, or copy and paste your Authentication Key into the input field and select Update. The key may be toggled to be not be displayed via the eye button. - Agent Passwords: This list of passwords will be used when probing agents during network scans. The default password is snare. Type in a new password and click Add Password. The agent passwords are visible by default and may be toggled visible via the eye button. To reset the passwords to the default select Reset Passwords. For v5.8.0+ agents the network scan will only be able to try the number of passwords up to the Snare Agent setting 'Max number of failed attempts allowed' (3 by default).
- Ports To Scan: These These ports will be used when performing a network scan to probe for agents. To add a new port, type in the port and click Add New Port. To reset the ports to the defaults select Restore Default.
- Inactivity Delay: Individual Individual agents will be automatically unlicensed should they be unreachable by SAM for a duration in excess of the Inactivity Delay allowance. This setting can be reduced to 1 day as a minimum. The agents will hold the license for a maximum of <inactivity delay> + 2 days (in versions earlier than SAM v2.1.0, the license issued to an Agent was valid for 30 days). The SAM can allow higher settings for reserving the license slot for 60 and to never expire so it will require a manual removal to clear.
- Listening IP Address: The The IP address used to access the SAM web UI and for Agents to use to communicate with SAM. To use all available IP addresses enter 0.0.0.0.
- Web Management Port: The port the SAM web UI operates on, 6261.
- Agent Port: The The port that Agents must use to communicate with SAM, 6262.
- Web UI HTTPS Certificate: This is the certificate to be used for HTTPS Snare Agent Manager Web UI interactions.
- Agent HTTPS Certificate: This This certificate will be used for HTTPS Snare Agent Manager to Agent interactions.
- Web Access Security: Use TLS 1.3 as minimum. When unchecked (default), the Snare the Snare Agent Manager website supports website supports TLS 1.2 and TLS 1.3 for web connections. When When checked, TLS 1.2 is explicitly disabled; browsers connecting to the agent website must support at least TLS 1.3 for ssl SSL connections.
- Maximum failed login attempts allowed: Specifies the number of failed login attempts allowed before the agent is locked. The accepted range is from 3 to 6, with a default value of 3.
- Lockout time (minutes) after maximum failed login attempts: Specifies the lockout duration in minutes during which an agent is prevented from logging in due to reaching the maximum failed login attempts. The permitted range is from 15 to 60 minutes, which defaults to 15 minutes if not specified.
- SAM Logging Options: Specified the logging options for SAM log. This log is stored in Windows inside the SAM install folder. Mostly it is C:\Program Files\InterSect Alliance\Snare Agent Manager\logs. When SAM is running as part of Snare Central, the SAM log is stored /var/log/snareAM/sam.log
- Setup Wizard: The setup wizard help you walk through initial steps to get Snare Agent Manager up and running. Typically you'll encounter the setup wizard when first using SAM after installation. To restart the wizard at any time, select Restart Wizard.
...