Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Log & Event Manager (LEM) > Log & Event Manager (LEM) Documentation > LEM Administrator Guide > LEM security checklist: Ensure that only authorized users can access LEM

LEM security checklist: Ensure that only authorized users can access LEM

Updated: September 6, 2018

Complete the tasks on this checklist to help prevent unauthorized users from accessing LEM.

General security tasks

  1. Read the Log & Event Manager Appliance Security and Data Protection blog post on THWACK. 

Securing the LEM Manager and the LEM consoles

  1. Run the activate command from the CMC command line.

    Run this command to export the SSL certificate that ensures secure communications between the LEM desktop console and the LEM Manager.

    See Run the activate command to secure LEM and configure network settings for steps.

  2. Set the minimum password requirements for local LEM user accounts.

    See Set the global password policy for LEM users for steps.

  3. Restrict the filters that Monitor role users can access.

    See Specify the filters that users assigned the Monitor role can use in the LEM console for steps.

Securing the CMC command-line interface

  1. Change the default CMC password.

    See Change the LEM CMC password for steps.

  2. Restrict SSH access to the CMC command-line interface.

    (Optional) This procedure blacklists everyone from logging in to the CMC interface except those users who connect from an explicitly allowed IP address or host name.

    See Restrict SSH access to the LEM CMC interface for steps.

Securing the LEM reports application

  1. Secure the LEM reports application.

    See Restrict access to the LEM reports application for steps.

  2. Enable transport layer security (TLS) between the LEM reports application and the LEM database.

    (Optional) The Transport Layer Security (TLS) option introduces an extra level of security for data transfers between a LEM database and the Reports application.

    See Enable transport layer security (TLS) in the LEM reports application for steps.

Last modified