This topic describes the Lockbox Security Settings.
A lockbox is an encrypted file that you use to store confidential information about an application. The Security Analytics Lockbox stores an encryption key for the Log Collector.
The encryption key encrypts all event source passwords and the event broker password, but the actual event source passwords are not stored in the Lockbox.
When you create the Lockbox, you need to:
- Define a password for the Lockbox.
- Set a host system fingerprint based on stable system values.
The Log Collector operates the Lockbox in a mode during data collection that does not require you to specify the password (the Log Collector uses the host system fingerprint instead). You do need to use the Lockbox password to:
- Change the Lockbox password.
- Reset stable system values.
- Generate a new encryption key.
To access the Lockbox Configuration Parameters:
- In the Security Analytics menu, select Administration >Services.
- In the Services grid, select a Log Collector service.
- Click under Actions and select View > Config.
- Click the Settings tab.
- In the options panel, select Lockbox to maintain Lockbox settings.
The Lockbox view in the Settings tab has three sections: Lockbox Security Settings, Reset Stable System Value, and Generate New Encryption Key.
Lockbox Security Settings
Before you configure event sources for the Log Collector, you need to set up a lockbox. General guidelines for lockbox setup are:
- You only need to set a lockbox password once.
- Set the password before you configure event sources.
- After you set the password, the lockbox is set up for any event source that you add.
These are the lockbox security settings.
|Old Lockbox Password||When you set up a Lockbox for the first time, this field is blank. Security Analytics populates this field after you enter a New Lockbox Password and click Apply.|
|New Lockbox Password|| Initial or new lockbox password. |
Note: To maximize lockbox security, specify a password that is eight or more characters in length with at least one numeric character, uppercase character, and non-alphanumeric character such as # or !
|Apply||Click Apply to save the changes to the lockbox password.|
Reset Stable System Value
These are the Reset Stable System Value settings.
|Lockbox Password||When you set up a Lockbox for the first time, this field is blank. Specify the same Lockbox password that you entered under Lockbox Security Settings. Typically, you only need to reset this password if you change the host hardware.|
|Apply||Click Apply to set the system fingerprint in the lockbox.|
Generate New Encryption Key
This option generates a new internal encryption key and re-encrypts the Log Collector encrypted configuration parameter values (usually passwords). Clicking Apply activates the option.