Versions Compared

Version Old Version 2 New Version 3
Changes made by

maria ieropoulos

maria ieropoulos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

General

1.png

The following options may be set:

  • Web Management Port  - The port the Snare Reflector web UI operates on.
  • Web UI HTTPS Certificate - This certificate will be used for HTTPS Snare Reflector Web UI interactions.
  • TLS Listener Certificate - This certificate will be used for TLS client interactions.
  • Event Cache Memory Size - This is the total memory size in MB used by the RAM-based event cache. Once the cache is full, the Snare Reflector will store incoming events on disk. Once the disk cache is full, Snare Reflector may start dropping incoming events.
  • Disk Cache Folder - This is the folder location of the disk cache. Disk cache files are written to this folder location.  This location can be changed entering a new folder location. If the folder location does not exist, then Snare Reflector will revert to the last known good folder location.For performance and security reasons it is recommended that the disk cache be used only on NTFS formatted drives, rather than FAT32. 
  • Disk Cache File Size - This is the maximum size in MB of the file used by the disk cache to store events.
  • Disk Cache Email Alert Threshold - Set this to send an email alert if the disk cache fills to this volume as a percentage of total capacity.  A value of 0 indicates no alerts will be sent. 
  • Setup Wizard - The setup wizard helps you walk through initial steps to get Snare Reflector up and running.   Selecting Restart Wizard will cause the Wizard to restart. 

To save and set the changes to the above settings, and to ensure the Reflector service has received the new configuration, perform the following:

  1. Click on Update to save any changes to the registry.

  2. Click on the Restart Snare Reflector button at the top of the screen.

 

Note
titleNote

Any changes to the "Disk Cache Folder", "Disk Cache File Size" or "Event Cache Size" will result in the loss of any events currently stored on the disk cache. Please ensure that the reflector is quiet if these settings need to be changed while in operation.   Additionally any disk I/O errors during normal operation or on loading after a restart may also result in loss of any events currently stored on the disk cache if the reflector can not process the cache file.

License

This page details the licensing information for the Snare Reflector and includes:

  • The Key IDs for your local host, where the Snare Reflector is installed

  • The active licenses registered to your organization

  • The ability to add a license.  To add a license, paste your license text into the shaded area and click Add.  This will activate a license for the Reflector, without needing to restart the Reflector service.

In order to license Snare Reflector you will need to submit your Key IDs via the Snare License and Download Manager (SLDM) web site https://customer.intersectalliance.com using your login credentials, and add that license to the Reflector.

1.pngImage Removed

Destinations

Setting a destination point is described above.

Listeners

This page displays the ports and protocols on which the Snare Reflector is listening for incoming events.  The Snare Reflector Listeners cannot be modified at this point in time.

Alerts

The Snare Reflector can be configured to notify someone whenever the disk cache reaches a specified capacity. 

1.pngImage Removed

  • Outgoing Mail Server - Enter the mail server name for your outgoing mail server. Note you may be able to find this information in your email program if you are unsure. 
  • SMTP Port - Enter the port for your outgoing mail server
  • Authentication & Encryption - If your outgoing mail server requires authentication, select the Authentication & Encryption or Authentication Only" option and enter your username and password. The Encryption option will support TLS up to v1.2  based connections when in use.
  • Recipient Email Address - Enter the email address of the recipient who will receive the alerts.
  • Sender Email Address - Enter a sender email address such as your organisation or department.

Select Update to save your changes.

You can test the configuration by clicking Send a test email (ensure your changes are applied before attempting to send the test email).

My Account

The current user information for Snare Reflector is displayed, with the ability to update the password.

1.pngImage Removed

Passwords must comply with the following criteria:

  • Meet at least 3 out of the following 4 complexity rules:

    • At least 1 uppercase character (A-Z)

    • At least 1 lowercase character (a-z)

    • At least 1 digit (0-9)

    • At least 1 special character (punctuation)

  • At least 10 characters

  • At most 128 characters

  • Not more than 2 identical characters in a row (e.g. 111 not allowed)

About

...

1.pngImage Removed

Help

...

.