ManualsPro ALTAIR ALTAIR Monarch Server User Guide

ALTAIR Monarch Server User Guide

June 8, 2024
ALTAIR

ALTAIR Monarch Server

ALTAIR-Monarch-Server-PRODUCT

INTRODUCTION

  • To enhance security of the Monarch Server application, you can use the Security Enhancements features. These features are an optional Monarch Server functionality that is available under license.
  • The Monarch Server Security Enhancements Guide gives an overview of the Security Enhancements features and explains how to use them with Monarch Server.
  • This Guide is intended for Monarch Server consultants, customers, and system administrators who will use the Security Enhancements features.

ABOUT MONARCH SERVER SECURITY ENHANCEMENTS

The Monarch Server Security Enhancements help reduce the risks of unauthorized data access. Each enhancement affects a separate part of the Monarch Server system, as illustrated in the following diagram:ALTAIR-Monarch-Server- FIG-1

  • MZ stands for “militarized zone” and includes the network segment that is well protected against intrusions, i.e. unauthorized data access, from the outside network by appropriate tools (e.g., firewalls). However, data on the database server requires additional protection.
  • DMZ stands for “demilitarized zone” and includes the network segment open to the outside network. DMZ usually comprises the corporate Web server that is the most exposed component in the system because it has to be accessible to Monarch Server end users.
  • To improve the security of your Monarch Server system, you can use the following Security Enhancements:
    • Web Services Security Certificates
    • Database Server Protection with Encrypted Index Values
    • Key Generation
    • Encrypting and Decrypting Existing Data

NOTES: The SecurityModule license component is required to enable Security Enhancements.

WEB SERVICES SECURITY CERTIFICATES
With Monarch Server Security Enhancements, you can encrypt messages that services and Web servers exchange. To do this, you can use the Security Enhancements certificates feature.
To use a certificate

  1. Install the required certificate on all machines that will run the services.
  2. Run Monarch Server Configurator.
  3. Select the Configurator tab, and then select the Modules tab.ALTAIR-Monarch-Server-FIG-2
  4. For each module, set the default URI scheme to SecuredHTTP and to a unique port.
  5. In Datawatch.ModulesManagement.Agent.exe.config, set the URL to Config.
  6. In Web.config of the Admin and Client Web applications, set the URL to Config.
  7. Edit the config.xml file. In the Modules section of the file, enter the certificate name: DefaultCertificateSubjectName =
  8. Restart the Config and Agent Services of Monarch Server.

DATABASE SERVER PROTECTION WITH ENCRYPTED INDEX VALUES

  • Although the Monarch Server database server runs in the well-protected MZ, you can achieve an even higher level of data protection by encrypting string index values.
  • String index values retrieved from ingested reports are stored inside the database. After finding a way to access the database, an intruder (i.e., a person intending to get unauthorized access to data) is able to read the information. To decrease the risk of such a scenario, the data are encrypted using the AES encryption algorithm.
  • Using the AES algorithm, you can encrypt those data items that are dependent on encrypted index values, for example, document names, report names, and search and security criteria.
  • With Monarch Server Security Enhancements, you can encrypt index values selectively via the index field.
  • Index values are encrypted for those index fields that you choose to be encrypted when creating them or importing from a model:ALTAIR-Monarch-Server-FIG-3

After an index field is created, you can decrypt or encrypt (whichever is applicable) its index values with the help of another Security Enhancements application — Database Encryptor. For more information, see Using Database Encryptor.

There are three limitations in using encrypted index fields when specifying search or security criteria:

  • It is not possible to see a list of values to choose.
  • It is not possible to set compare symbols other than “=” and “<>”.
  • It is not possible to use masks for these fields.

Inside the database, the index values of selected index fields and each search or security criterion containing a value for the field are encrypted.

KEY GENERATION

You can generate keys used for data encryption and decryption by using the Key Generation application. A key is stored in a file in the keystore, i.e., in a dedicated directory on a disk.
The system administrator must ensure that the keys are protected by means of the operating system, i.e., a key file should be accessible only to the user account under which Monarch Server services run.

You can generate seven types of keys with the Key Generator:

  • AES128
  • AES256
  • Rijndael
  • Blowfish
  • DES
  • RSA
  • DSA

NOTES: For all Security Enhancements to work, you need to first generate the AES key used to encrypt database information.

To generate a key

  1. Run Key Generator.exe.
  2. Specify an output folder, i.e., the folder in which the keys will be stored.
  3. Select an encryption algorithm.
  4. Click Generate Key. A file with a key is generated. The file name is displayed in the Key Generator window.

NOTES: You can store up to 100 keys generated with one algorithm in one folder.

ENCRYPTING AND DECRYPTING EXISTING DATA

If you want to encrypt (and decrypt thereafter) already loaded data, i.e., index values, on a working system, you can only do so by using the Database Encryptor application.

USING DATABASE ENCRYPTOR
To encrypt or decrypt index values, you first configure the database parameters and then specify the fields to be encrypted or decrypted.
To encrypt or decrypt data

  1. Stop all Monarch Server services.

  2. Run DatabaseEncryptor.exe. The Database Encryptor configuration window appears.ALTAIR-Monarch-Server-FIG-5

  3. If you want to configure the database parameters automatically, click Browse for configuration.

  4. Select the config.xml file. The database-related fields (Data Source, Initial Catalog, User Id, and Password) are filled in automatically.
    NOTES: Make sure the Encryption Enabled field value is set to “true” and the path to the key is specified in config.ALTAIR-Monarch-Server- FIG-6

  5. To encrypt fields, select the required ones in the Plain Fields pane (hold Ctrl or Shift for multiple selections), and click Encrypt.

  6. To decrypt fields, select the required ones in the Encrypted Fields pane (hold Ctrl or Shift for multiple selections), and click Decrypt.

CONTACT US

GET IN TOUCH

We’d love to hear from you. Here’s how you can reach us.
SALES CONTACT INFORMATION

  • US: + 1.800.445.3311
  • International: + 1.978.441.2200

Sales Email

  • US: sales@datawatch.com
  • Europe: sales_euro@datawatch.com
  • Asia Pacific: sales_apac@datawatch.com

SUPPORT CONTACT INFORMATION

References

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual  >>

ALTAIR User Manuals

ALTAIR 544084-GP-AW-NM Bath Vanity in Gray Pine with Carrara White Composite Stone Top Instruction Manual
ALTAIR
ALTAIR 77030-CTP-IBABC Bathroom Vanity Top Owner’s Manual
ALTAIR
ALTAIR PollEx 2021.1 Make Board Paneling User Guide
ALTAIR
ALTAIR PollEx 2021.1 Solder Quantity Calculator User Guide
ALTAIR
ALTAIR PollEx 2021.1 BOM User Guide
ALTAIR
ALTAIR PollEx 2021.1 CAM User Guide
ALTAIR
ALTAIR 546060-BO-GW-NM Bath Vanity Oak with Grain White Composite Stone Top Installation Guide
ALTAIR
ALTAIR Breeze Graphical User Interface Installation Guide
ALTAIR
ALTAIR 531030-CAB-WH-NM D x 33.1 in. H Bath Vanity Cabinet Instructions
ALTAIR
ALTAIR 542072 Hadiya 72 Inch W x 22 Inch D x 34 Inch H Bath Vanity in Black Oak with Carrara Instruction Manual
ALTAIR
ALTAIR v13.5 MONARCH SERVER EMBEDDED THIRD-PARTY SOFTWARE User Guide
ALTAIR
altair Ellexus Mistral Live system Telemetry monitoring User Manual
ALTAIR
ALTAIR Power Pro RC Electric Monster Truck User Manual
ALTAIR
ALTAIR Breeze Trace-Only User Manual
ALTAIR
ALTAIR Monarch V2021.0 Monarch Server Embedded Third-Party Software User Guide
ALTAIR
ALTAIR Monarch Server User Guide
ALTAIR
ALTAIR Monarch Report Mining Edition Server User Guide
ALTAIR
ALTAIR 99587 Human Care Instruction Manual
ALTAIR
ALTAIR 52767-BAT-WH-FB Freestanding Tub Instruction Manual
ALTAIR
ALTAIR 52064-BAT-WH-BB Freestanding Tub with Metal Feet Instruction Manual
ALTAIR

Related Manuals

Winners Sun Plastic Electronic WS-21005 MINI Selfie Stick User Guide
Winners Sun Plastic Electronic
Paul Neuhaus 19827 LED Floor Lamp Instruction Manual
Paul Neuhaus
MandG DuraVent Retail Warranty
MandG
VYTRONIX PW1500 Compact 1400W Pressure Washer User Manual
VYTRONIX
EZXR AR Glasses Controller User Manual
EZXR
POGOLAB M02199 Electric Guitar Amplifier User Manual
PogoLab
Narvi NS Mini Domestic Electric Sauna Heater Instruction Manual
NARVI
LA CROSSE CLOCK CO 404-3828A 10.8 Inch Luxe Wall Clock User Manual
LA CROSSE CLOCK CO
MARVEL MLRE224 24-In Professional Built-In Refrigerator Owner’s Manual
Marvel
ASHLEY P971-854 Outdoor Tables Cocktail Instruction Manual
Ashley
CORALIFE Hang on Back Mini Protein Skimmer Instructions
CORALIFE
MGOB B0BBFJTRC5 Hand luggage Cabin Suitcase PC Hard Case Instructions
MGOB
MAGIO MG-440 Induction Hot Plate Instruction Manual
MAGIO
GE WE49X32950 Propane Gas Conversion Kit Installation Guide
GE
Omron Blood Pressure Monitor Instructions: 3 Series BP7100 Manual
Omron
Altronix TROVE1PH1 Trove1 W Openpath Backplane Instruction Manual
Altronix
IKEA KOLBJÖRN Shelving Unit in Outdoor Green Instructions
Ikea
LEDVANCE G11098960 Bluetooth Spot Concentra Multicolour Bulb Installation Guide
LEDVANCE
Helvetia Furniture Tv Meubel Kora Breedte ca. 218.5-315 cm Instructions
Helvetia
OMRON S8VK-R Redundancy Unit Instruction Manual
Omron
BOSCH PFS 105 E 1000ml Power Fine Spray System Instruction Manual
Bosch
Indesit BWA 71083X W PL Washing Machine Specifications And Datasheet
INDESIT
DIG ST100AS Drip and Soaker Vegetable Watering Systems Installation Guide
DIG
fifine AMPLIGAME A22 2.1 Channel Bluetooth Speakers User Guide
fifine
VOCIC V-ES-D-A Mobility Scooters Adults Instruction Manual
VOCIC
acer E181E eMachines Flat Panel Monitor User Guide
Acer
QSC CP Series 1000 Watt Compact 8″ Powered Loudspeaker User Manual
QSC
themix Vac-U-Seal Vacuum Sealer Wand Instructions
themix
POWERSMART PSM2521PH 21-inch 3-in-1 Gas Powered Push Lawn Instruction Manual
POWERSMART
arzum 2300 W TRENDCARE AR 5060 Haridryer Instruction Manual
arzum
Contact Us   Privacy Policy   6.025ms