Tuesday, August 25, 2015

So, You Can't Even Buy VPN App in China

I went to Amazon to buy the Cisco AnyConnect app to connect back to UM through VPN.

As it turns out, you can't even do that in China:


Monday, June 29, 2015

Does Anyone Still Care About the Basics?

Cisco's software has always been challenging. Many of those challenges, to put it bluntly, come from the company's neglect.

Here is a simple example: Click this link, select "Cisco 4500" from the "Cisco Access Products" list, and click the "Go" button. Instead of yet another page that looks like it came from 1996, you get a 550 error.



How pathetic is that?

Wednesday, April 8, 2015

Splunk, SSO, Enterprise Security

Splunk is a powerful tool, therefore it is natural that the need to secure it in an enterprise is strong. With the push from upper management to secure access to privileged systems, 2-factor authentication (2FA) is the next defensive weapon to be deployed against attacks from both the outside and inside.

Looking into authentication and authorization mechanisms, especially SSO (single sign-on) in Splunk, it is amazing how much things have stayed the same since I first installed Splunk 4 back in 2011. This time, I am investigating the feasibility of using SAML 2 for Splunk to achieve both single sign-on and role-based access control (RBAC).

What I have found so far is not very encouraging, and I seriously hope that someone proves me wrong.

Splunk has a number of ways for user authentication:
  • Splunk internal: User information is stored in Splunk itself. A user has to sign on each and every time they visit a different Splunk web host.
  • LDAP: Splunk uses an LDAP server as the user ID store.
  • Proxy SSO: Splunk web must run behind a proxy server, such as Apache or IIS, which actually implements the sign-on part of SSO.
  • Scripted authentication: Splunk calls a custom script to perform user ID acquisition and authentication.

For user access authorization:
  • LDAP: Using LDAP for authentication allows Splunk to map LDAP groups to Splunk roles for access control.
  • Script: The script used for authentication is also used to assign roles to the user.

Splunk does not seem to allow both SSO and RBAC simultaneously: The only mechanism for SSO is running Splunk web behind a proxy server. But in that case, it still relies on internally stored user information or LDAP group mappings to assign roles to an authenticated user, if this post on Splunk Answers still holds true. Even if that changes, fronting every Splunk web service with a proxy creates an administrative challenge when you have many Splunk search heads running on both Linux and Windows, for example. Unless, of course, one uses something like Novell NetIQ or Citrix NetScaler. But those mechanisms introduce complexities of their own.

Scripted authentication would offer a way to implement both SSO and RBAC simultaneously if Splunk passes along HTTP request headers to the script. But that does not seem to be the case from reading their documentation.
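To make the scripted-authentication and role-assignment mechanism from the list above concrete, here is an added example of the kind of script Splunk calls. It is not Splunk's code and not part of the original post. The user directory and the group-to-role table are constructed for the demo (in practice the script would query LDAP/AD or an external identity provider), and the command framing (--userLogin with credentials on stdin, --getUserInfo --username=..., --getUsers, and the --status/--userInfo reply lines) follows Splunk's documented scripted-auth interface as I understand it; treat the exact framing as an assumption to check against the version you run. Note what the example cannot do: it only ever sees a username and password, never the HTTP request headers, which is exactly why it gives you RBAC but not SSO.

```python
#!/usr/bin/env python
# Added example: minimal Splunk scripted-auth handler mapping directory groups
# to Splunk roles. Not Splunk's own code. Directory and role table are
# constructed; protocol framing is an assumption based on Splunk's docs.
# Written to run under both Python 2.7 and 3.
import hmac
import sys

# Constructed sample directory (stand-in for LDAP/AD or an external IdP).
USERS = {
    "alice": {"password": "correct horse", "realname": "Alice Liddell",
              "groups": ["splunk-admins", "staff"]},
    "bob":   {"password": "hunter2", "realname": "Bob Builder",
              "groups": ["soc-analysts"]},
    "carol": {"password": "swordfish", "realname": "Carol Danvers",
              "groups": ["staff"]},
}

# Constructed group -> Splunk role map; unmapped groups grant no role.
GROUP_ROLES = {"splunk-admins": "admin", "soc-analysts": "power", "staff": "user"}


def roles_for(username):
    """Ordered, de-duplicated Splunk roles for a user; [] if unknown/unmapped."""
    roles = []
    for group in USERS.get(username, {}).get("groups", []):
        role = GROUP_ROLES.get(group)
        if role and role not in roles:
            roles.append(role)
    return roles


def user_login(username, password):
    """Handle --userLogin: verify credentials, constant-time compare."""
    record = USERS.get(username)
    if record is None:
        return "--status=fail"
    if not hmac.compare_digest(record["password"].encode(), password.encode()):
        return "--status=fail"
    return "--status=success"


def user_info_fragment(username):
    """userId;username;realname;role1:role2 for one user."""
    return "--userInfo={0};{0};{1};{2}".format(
        username, USERS[username]["realname"], ":".join(roles_for(username)))


def user_info(username):
    """Handle --getUserInfo: a user with no mapped role is treated as unknown."""
    if username not in USERS or not roles_for(username):
        return "--status=fail"
    return "--status=success " + user_info_fragment(username)


def all_users():
    """Handle --getUsers: one --userInfo fragment per user that has a role."""
    parts = [user_info_fragment(u) for u in sorted(USERS) if roles_for(u)]
    return "--status=success " + " ".join(parts)


def parse_kv(tokens):
    """Turn ['--username=alice', '--password=x y'] into {'username': 'alice', ...}."""
    out = {}
    for tok in tokens:
        if tok.startswith("--") and "=" in tok:
            key, value = tok[2:].split("=", 1)
            out[key] = value.strip()
    return out


def handle(argv, stdin_text):
    """Dispatch one Splunk call. argv excludes the script name."""
    if not argv:
        return "--status=fail"
    command, kv = argv[0], parse_kv(argv[1:])
    if command == "--userLogin":
        # Assumption: credentials arrive on stdin, one --key=value per line.
        kv.update(parse_kv(stdin_text.splitlines()))
        return user_login(kv.get("username", ""), kv.get("password", ""))
    if command == "--getUserInfo":
        return user_info(kv.get("username", ""))
    if command == "--getUsers":
        return all_users()
    return "--status=fail"


def main():
    print(handle(sys.argv[1:], sys.stdin.read()))


if __name__ == "__main__":
    main()
```

The script is wired in through authentication.conf (authType = Scripted, with a [script] stanza pointing at it); the point to take from the example is the shape of the contract: Splunk hands the script a username and a password and reads back roles, so group-based RBAC is easy, but there is no channel through which a proxy-asserted identity or any other request header could reach it.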