Does Web Threat Detection user Require Direct Network Access?
Originally Published: 2016-11-02
Article Number
Applies To
RSA Product/Service Type: Mitigator
RSA Version/Condition: 4.x - 6.1
Issue
Example Customer question -- Our SilverTail servers are being identified as having Direct Network detected for rsawtd – direct network access is enabled. As far as I remember, this is the id used for the software. So this access is needed. Can you please confirm if the user rsawtd needs direct network access?
Resolution
Directory Permissions
The user ID rsawtd is the main user in WTD. This user is set as the owner for the var/opt/silvertail/* directories.
This user owns and runs the processes in WTD... just do a top -H or ps -ef on one of your servers and you will see.
Cassandra database utilizes the rsawtd user to own processes, but not for the actual user name for database access.
Please Note: It is recommended to change the default name and password for Cassandra upon installation.
(from installation guide version 6.1)
WTD runs and communicates to distributed the service components across multiple servers. These are typically located across the local, internal network, so this user requires network access. Please note that all WTD components use the same Cert and Key files to validate SSL connections with other components.
Related Articles
How to fix Account Collector for Active Directory when it fails with java.lang.NoClassDefFoundError in RSA Via Lifcycle an… Number of Views Certificate not verified error when changing Active Directory identity source from LDAP to LDAPS in RSA Authentication Man… Number of Views How to implement SAML SSO Authentication with Microsoft Azure Active Directory and RSA Identity Governance & Lifecycle Number of Views How to replace the RSA Authentication Manager self signed console certificate with a signed certificate from Microsoft Act… Number of Views LDAP authenticator based on Active Directory Identity Collector fails with the error 'Connection could not be established … Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
