MId Server in DMZ

Ragav4
Tera Contributor

‎06-23-2021 03:49 AM

We are planning to deploy the DMZ MId Server , right now the DMZ is completed with the built process. Can someone help me to know what re the pre-requestees and pre-requirement I have to know before setting up this MID. 

I was referring to couple of documents on which they were referring to put the DMZ Mid Server inside the DMZ zone and block all the firewall ports. Could some one help me to know these requirements and also the software to be installed on the MID. 

Labels:
0 Helpfuls
  • 2,683 Views
11 REPLIES 11

Jason82
Tera Guru
In response to cynlink1

‎12-27-2021 04:53 AM

The first Discovery job will roll through all available credentials for that type and attempt to auth. It will likely trigger alerts/logs for the failed auth. Credential affinity should ensure the correct credential is used from that point on.

You can scope a credential to specific MID Server(s) using the "Applies to" fields and selecting your target DMZ MID Servers.

0 Helpfuls

Andy M1
Tera Contributor
In response to Jason82

‎01-15-2024 07:01 AM

Regarding the OOB behavior where first round of discovery will try all available credentials until it finds a match, then creates a credential affinity record matching the Mid Server Sys_id + IP address + Credential sys_id.... 

 

If you really wanted to avoid the first round of alerts/incidents, you can pre-populate the credential affinity records ahead of time.  Assuming you have a single mid server in the DMZ, create one record for each IP Address (if you two, create two affinity records.  One for each Mid in the DMZ):

  • Mid Server:  sys_id of the DMZ mid server
  • IP Address:  IP Address of the client device to be discovered
  • Credential ID:  sys_id of the credential to use for the above IP address
  • Type:  string indicating the type of credential ssh, snmp, windows, etc (look at existing records to determine the appropriate type value)