Sec/User Mgmt: Overview

Document created by RSA Information Design and Development on Sep 19, 2017. Last modified by RSA Information Design and Development on Oct 2, 2017.
Version 3
 

This topic provides an overview of PKI authentication and how it is used to access the NetWitness Suite User Interface (UI).

In 10.5.0.2 or later, PKI authentication can be used to access the NetWitness Suite UI. PKI allows users to authenticate and access the NetWitness Suite UI using digital certificates.

Certificates are issued by a Third-Party Certificate Authority (CA) (external to NetWitness Server). The following categories of certificates are required for PKI authentication:

  • NetWitness Server certificate (private key and its chain)
  • Trusted CA certificates
  • User certificate (issued by CA)

NetWitness Server Certificate

This certificate is used by NetWitness Server to present its identity. This certificate is issued by a trusted CA. When a user accesses the NetWitness Suite UI using HTTPS, this certificate is presented to the user in the web browser.

Trusted CA Certificates

This is a collection of CA certificates. NetWitness Server uses these certificates as the trusted authorities to validate the certificate provided by the user. If the user does not have a certificate signed by one of these CAs, the user is not allowed to access the NetWitness Suite UI.

User Certificate

This certificate is used by the NetWitness Suite user to present the user's identity. This certificate is issued by a CA that is trusted by the users. By default, most browsers identify user certificates. If the certificates are not identified, the user must import them into the browser's certificate store.

NetWitness Suite PKI Authentication Workflow

The following figure shows how the user can access NetWitness Suite using PKI authentication.

[Figure: workflow for PKI authentication]

The following points explain the workflow of the above figure.

  1. The user tries to access the NetWitness Suite UI using the web browser. For example, https://nw-host/login
  2. The user is prompted to select the user certificate.

Note: The certificate prompt may appear differently depending on the browser.

  3. The user selects the certificate. The browser sends the selected certificate to the NetWitness Server for authentication.
  4. If the authentication is successful, the NetWitness Server authorizes the user based on the user groups configured on the Active Directory Server(s).
  5. If the user authentication and authorization are successful, the NetWitness Suite dashboard is displayed.

Note: If the certificate validation fails, the user cannot access the NetWitness Suite Dashboard.
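
The trust decision described under Trusted CA Certificates and in the certificate validation step of the workflow can be reproduced offline with the OpenSSL command line. The following is an added example, not RSA or NetWitness code: it builds a throwaway trusted CA and a second CA that is outside the trusted collection, issues one user certificate from each, and checks both against the trusted CA bundle. All CA names, user names and file names are constructed, and `openssl verify` stands in for the server's own validation as an assumption.

```shell
#!/usr/bin/env bash
# Added example; every name, subject and file below is constructed.
set -u
WORK=$(mktemp -d)

# Minimal OpenSSL config so the result does not depend on the system openssl.cnf.
cat > "$WORK/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF

# make_ca NAME: create a self-signed CA (NAME.key, NAME.pem).
make_ca() {
  openssl req -x509 -config "$WORK/pki.cnf" -extensions v3_ca -newkey rsa:2048 \
    -nodes -days 30 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_user CA USER: issue a user certificate for USER signed by CA.
issue_user() {
  openssl req -new -config "$WORK/pki.cnf" -newkey rsa:2048 -nodes \
    -subj "/CN=$2" -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" \
    -CAcreateserial -days 30 -out "$WORK/$2.pem" 2>/dev/null
}

# check_user BUNDLE USER: succeed only if USER's certificate chains to a CA in BUNDLE.
check_user() {
  openssl verify -CAfile "$WORK/$1" "$WORK/$2.pem" >/dev/null 2>&1
}

make_ca trusted-ca            # CA placed in the trusted CA collection
make_ca other-ca              # CA that is not in the trusted collection
issue_user trusted-ca alice   # user certificate from the trusted CA
issue_user other-ca bob       # user certificate from the other CA
cp "$WORK/trusted-ca.pem" "$WORK/trusted-bundle.pem"

for u in alice bob; do
  if check_user trusted-bundle.pem "$u"; then
    echo "$u: certificate validates against the trusted CA collection"
  else
    echo "$u: certificate rejected, issuer is not in the trusted CA collection"
  fi
done
```

Running the same `openssl verify -CAfile` check against the real trusted CA bundle and a user's certificate before rollout shows whether that user will pass certificate validation.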
