Security Settings


This section explains the security settings that can be made in Applications Manager. This can be accessed by clicking the Settings tab and selecting Security Settings under Product Settings section. This page will display how secure your Applications Manager instance is, in terms of percentage graph.

Following are the list of options that are available in the Security Settings page:

User Management

  • Enforce strong password rules for users: Allows you to enforce strong password rules for users accounts in Applications Manager. Learn more
  • Enforce account lockout: Allows you to enforce account locks in case of consecutive failed login attempts. Learn more
  • Two Factor Authentication: Additional level of authentication to improve security by requiring the user to provide a unique time-based one time password (TOTP) generated through Authenticator Apps, or as a one time password (OTP) sent to the user's configured email address. Learn More.

Server Port and Protocol Configuration

  • Disable HTTP port in Applications Manager: By default, Applications Manager can be accessed via both HTTP and HTTPS ports. Choose this option to disable HTTP access. Learn more
  • Use Third Party SSL Certificate: Applications Manager comes with a self-signed SSL certificate for HTTPS to work. Use this option to configure and apply your own CA signed SSL certificate. Learn more
  • Disable TLSv1 and TLSv1.1 protocols for HTTPS port: Applications Manager supports TLSv1, TLSv1.1 and TLS v1.2 by default. Use this option to disable old TLS v1/1.1 protocols. Learn more

Others

  • Reports Settings - Export Data Protection: Allows you to configure a password for Data Protection in PDF Schedule Reports. Learn more
  • Enable security response headers: These headers are an added layer of security that helps browsers to detect and mitigate certain types of attacks.
    • Content-Security-Policy: Configures frame-ancestors directive to combat click-jacking. Learn more
    • HTTP Strict-Transport-Security (HSTS): Inform browser that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. Learn More.
  • Disable file upload: Allows you to disable the Upload Files / Binaries option in Settings tab.
  • Enable read-only database user connection for Query Tool: When enabled, Applications Manager uses read-only user database connection to execute queries in the Query Tool page under Support → Database Summary