000034317 - What are the basic requirements for RSA Web Threat Detection to capture our website's traffic?

Document created by RSA Customer Support Employee on Jan 11, 2017Last modified by RSA Customer Support on Jun 30, 2018
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000034317
Applies ToRSA Product Set: Web Threat Detection
RSA Product/Service Type: Forensics, SilverTap
RSA Version/Condition: 4.x, 5.x, 6.x
IssueWhat are the basic requirements of a website design necessary to allow RSA Web Threat Detection( WTD) to be able capture the traffic for analysis?

Example Scenario:
"Our website is currently built with singe page application design (SPA). We believe this is causing some difficulty for the system to track certain activities and site flow details within transactions."
ResolutionThe basic requirements for RSA Web Threat Detection and SilverTap to capture website traffic are that we need to see the browser HTTP request and the Server's response to that request.  SilverTap needs be able to do the following, capture packets from the stream, see the IP source information included in the headers, and the original URL string.

Once the system is configured to capture the website data, we can then create a transaction and create attributes which can have rules and alerts applied. This traffic can then be analyzed.

Please Note: If this basic answer does not provide a specific resolution to a current issue, please open up a case with RSA Customer Support.