Product Settings

You can change the following settings of ManageEngine AD360 from this tab.

  1. Connection Type
  2. Privacy Settings
  3. General
  4. Security Hardening
  5. Product File Tamper Detection

Connection Type

Privacy Settings

By default, AD360 secures your database backups with a strong, random password. If required, you can change the password for subsequent database backups by entering the new password in the Change Password for DB Backup Files field. Ensure that the new password is at least 8 characters long.

Note: If you forget the password that you have entered, the backup files created with that password cannot be restored. You will have to set a new password before taking the backups.

General

Security Hardening

This option allows you to configure and manage all product security settings in one place. A dashboard on the right side of the page displays a security score (as a percentage), which is calculated based on the importance of each configuration. Apart from this dashboard, the security settings alert will be shown under the browser and product notification centers, product License tab, and it will also be emailed to you along with product downtime and start-up mailers.

Product Settings

The security settings alert will be displayed in the notification center (which is the icon on the top-right corner) until a security score of 100% is reached. For licensed customers, the alert will also be displayed after every successful login until all the mandatory* security configurations are done. The security configurations available under AD360 are:

Product Settings

*The first three settings given in the above list are mandatory for AD360. It is, however, advisable to configure all settings and ensure your product security score is 100%. To manage individual settings, click the Configure option corresponding to that security setting and make the required changes. Once configured, the setting will have a green ticked Configured icon next to it, as shown in the image below.

Product File Tamper Detection

This feature examines the executable files (.exe, .bat, .msi, .dll and .rll) in the AD360 installation directory to detect the changes made to them. Product File Tamper Detection validates the files using checksum to ensure data security. If a file in the installation directory is found to be tampered with, an alert will be displayed after every successful product login.

Note:
  • PostgreSQL and JRE folders are excluded from scanning, as the external files will replace the product default files during externalization.
  • Patch folder is excluded from scanning as it contains modified files of the previous version.

The Product File Tamper Detection feature facilitates:

  1. Scanning the installation directory
  2. Classification of files
  3. Action to be performed when the file is tampered with

Product Settings

Scanning the installation directory

The files in the installation directory can be scanned in the following ways:

Classification of files

The files are listed under these categories:

Total Files: Total Files displays all the files that are found in the product installation directory, including the tampered files.

Files Monitored: Files Monitored displays the files with whitelisted extensions, where the current checksum matches the expected checksum after scanning them.

Tampered Files: Tampered Files displays the list of executable files that have been modified, i.e., the current checksum is not the same as the expected checksum.

New Files: Files that are not a part of the application bundle but have the whitelisted extensions will be scanned and shown under New Files. These new files can be included in future scanning processes, or can be restricted from being executed.

Product Settings

Action to be performed when the file is tampered with

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try onboarding

     

Copyright © 2023, ZOHO Corp. All Rights Reserved.