Remote Host

Imagine a hierarchical organization with a massive number of users and resources with the following organization setup:

Proxy servers - configured between the target resources and the user machines
Load balancers - deployed between the target resources and the user machines to maintain the request traffic

With the above organization setup, the audits and reports reflect the IP address of the load balancer/proxy server through which the user request(s) is forwarded instead of the actual user machines' IP addresses. When multiple requests occur consecutively, the same IP address (of the load balancer/proxy server) is captured for all the user requests under audits and reports. Because of this, none knows who accessed what and the exact user access information is also lost. Here comes the need for the Remote Host Header - it identifies the IP addresses of user machines accessing target endpoints through the load balancer or proxy server. As a result, the product audits and reports provide good visibility into user access.

Prerequisite

Before configuring Remote Host, find the request header information (e.g., X-Real-IP, X-Forward-For, etc.) in the 'conf' file of your load balancer/proxy server.

Notes:

If an organization has multiple load balancers/proxy servers, ensure you configure the request header of all those with the same header information.
We recommend you configure the load balancers/proxy servers in such a way that they forward only the IP address of the client. For example, replacing the header variable '$proxy_add_x_forwarded_for' with '$remote_addr' in NGINX will forward the actual IP address of the client.

Steps Required

Navigate to 'Admin >> Settings >> Remote Host'.

Enter the header information obtained from the 'conf' file of the load balancer/proxy server in the Remote Host Header.

Click Test to validate the provided header information with your load balancer/proxy server.
Upon successful test validation, click Save to complete the remote host configuration.
Click Clear to revoke the Remote Host configuration.


Remote Host Imagine a hierarchical organization with a massive number of users and resources with the following organization setup: Proxy servers - configured between the target resources and the user machines Load balancers - deployed between the target resources and the user machines to maintain the request traffic With the above organization setup, the audits and reports reflect the IP address of the load balancer/proxy server through which the user request(s) is forwarded instead of the actual user machines' IP addresses. When multiple requests occur consecutively, the same IP address (of the load balancer/proxy server) is captured for all the user requests under audits and reports. Because of this, none knows who accessed what and the exact user access information is also lost. Here comes the need for the Remote Host Header - it identifies the IP addresses of user machines accessing target endpoints through the load balancer or proxy server. As a result, the product audits and reports provide good visibility into user access. Prerequisite Before configuring Remote Host, find the request header information (e.g., X-Real-IP, X-Forward-For, etc.) in the 'conf' file of your load balancer/proxy server. Notes: If an organization has multiple load balancers/proxy servers, ensure you configure the request header of all those with the same header information. We recommend you configure the load balancers/proxy servers in such a way that they forward only the IP address of the client. For example, replacing the header variable '$proxy_add_x_forwarded_for' with '$remote_addr' in NGINX will forward the actual IP address of the client. Steps Required Navigate to 'Admin >> Settings >> Remote Host'. Enter the header information obtained from the 'conf' file of the load balancer/proxy server in the Remote Host Header. Click Test to validate the provided header information with your load balancer/proxy server. Upon successful test validation, click Save to complete the remote host configuration. Click Clear to revoke the Remote Host configuration.