5.6.33. `Admin-GCenter-Configuration` screen of the legacy web UI

After pressing the `Configuration` command from the `Admin-GCenter` menu, the following screen is displayed.
../../_images/CONFIGUR-01.PNG

Item

Name

Function

1

`Netdata polling` section

Configuration to have a Nagios-type supervision server retrieve the information

2

`Netdata Export` section

Configuration of data export to an external Netdata server

3

`Global settings` section

General GCenter configuration

4

`Proxy settings` section

Configuration of the proxy server to retrieve updates via that server

5

`SSL settings` section

Configuring the GCenter SSL (Secure Socket Layer) certificate

6

`Session age settings` section

Configuration of the maximum total duration of a session on the GCenter web interface

7

`License information` section

Viewing information about the current licence, checking its validity, and the available features


5.6.33.1. `Netdata polling` section

After pressing the `Netdata polling` button of the `Configuration` screen, the following screen is displayed.
../../_images/CONFIGUR-02.PNG

The `Netdata polling` section contains the following elements enabling data access to be configured for a Nagios-like monitoring server. This reads the information on the input interface.

Item

Name

Function

1

`Netdata polling settings` area
This area includes the following elements
Parameter definition area for metrics recovery via Netdata

2

  • `Allow unauthenticated users to poll netdata API` selector

Enabled

3

  • `Redirection port` field

Redirection port selector

4

  • `Input interface` field

GCenter input interface selector

7

`Authorized subnets` area
This area includes the following elements
Displays authorized IP addresses
On the right side, two buttons enable modifying the IP addresses and their possible deletion

5

  • `Update` button

Backup and validation of current parameters
If everything is ok then the message `The netdata polling configuration was successfully updated` is displayed

6

  • `Add subnet` button

Displays the IP address entry window for authorized subnets

Authenticated users can poll the Netdata API, available on Gstats.
For simple automation, it is possible to enable a non-authenticated user to poll the API.
In this case, the API endpoint is redirected to http on the port specified below: http://<gcenter_fqdn>:<redirection_port>.
An access list restricts the client subnets for which this redirection is available.
Refer to the documentation for more help on how to use this API with monitoring tools such as Nagios.
For more details on data management, see the presentation of Data use.
For implementation, see the Configuring the Netdata polling interface.

5.6.33.2. `Netdata Export` section

To export system data in real time to a remote Netdata server, a Netdata export interface is present in the GCenter and is reserved for this purpose.
This Netdata export interface must be configured with the necessary information.
After pressing the `Netdata Export` button of the `Configuration` screen, the following screen is displayed.

The `Netdata Export` section contains the following items:

Item

Function

1

`GENERAL` area selection button

2

`ENCRYPTION` area selection button

The `GENERAL` area contains the following items:

../../_images/CONFIGUR-03.PNG

Item

Function

3

`BACK TO CONFIG` button to return to the top screen

4

Input field `Port`: listening port of the Netdata server.

5

`Save` button: stores the current settings

6

`API key` field: the API key of the Netdata server.

7

`Output interface` input field: output interface to be used to reach the Netdata server

8

`IP Address/Hostname` input field: the FQDN or IP address of the Netdata server

9

`Enable` button: enables/disables the service

The `ENCRYPTION` field contains the following items for the Netdata part - Encryption:
This section is required for the administrator to set up encryption of the communication between the GCenter and its Netdata server.
A certificate is required to enable this feature.
../../_images/CONFIGUR-03-1.PNG

Item

Function

1

`Enable TLS` selector: enable/disable encryption. Disabled by default to return to the top screen

2

`Check certificate` selector: enables/disables checking the validity of the certificate when the TLS service is enabled

3

`Parcourir` button of the `Certificate file` area: enables loading the certificate file

4

`Save` button: save the current settings

For more details on data management, see the presentation of Data use.
For implementation, see the Configuring the Netdata export interface.

5.6.33.3. `Global settings` section

After pressing the `Global settings` button of the `Configuration` screen, the following screen is displayed.

../../_images/CONFIGUR-04.PNG

The `Global settings` section contains the following items:

Item

Name

Function

1

`Company` field

(default value: empty)

Adds the company name to be added to the detection analysis reports.
These reports can be downloaded after making an association between the GCenter and the Intelligence site (or the GBox)

2

`Password for zipped malware files` field (default value: empty)

Defines the password protecting the archive when downloading malware and unzipping it to avoid an unintentional click.
This password will be the same for downloading shellcodes.
The specifics of this functionality are described in more detail in the Malcore sections

3

`Data retention (in days)` field (default value: 15)

Defines the number of days the data is stored on disk.
Note that the configuration is applied in two steps: the first on the GCenter in this field,
The second at the level of the GCAP detection probe in the configuration parameters.

4

`Elasticsearch max data retention` field

(in GB)```

Sets the maximum disk space allocated for storing logs
Please note that a larger size implies higher latency, reduced performance and stability.

5

`Enable Gscan` selector (default value: enabled)

Enables real-time local scanning for malware or suspicious executables.
As part of the Military Programming Law, the GScan Function is disabled by default in this management interface.

6

`Enable Privacy SMTP` selector (default value: disabled)

Ensures that privacy rights are respected by hiding the email.subject field of SMTP alerts in the GATEWATCHER dashboards for private emails.
An email is considered personal if the subject line begins with the words private, personal or confidential (not case sensitive).

7

`Enable GeoIP` selector

Depreciated function

8

`Input interfaces` field

Enables/disables the interfaces on which the GCenter will listen on the following ports

9

`HTTP listening port` field (default value: 80)

Listening port related to the http protocol.

10

`Outbound HTTP interface` field

Defines the physical outbound interface for all http flows.

11

`SSH banner` field (default value: empty)

Sets the SSH banner presented during pre-authentication on all paired GCaps as well as the GCenter.

12

`HTTP listening port` field (Default value: 80)

Defines the listening port related to the http protocol.

13

`Save` button

stores the current settings

For implementation, refer to GCenter Global Configuration.


5.6.33.4. `Proxy settings` section

The AIONIQ solution includes the possibility of configuring a proxy server (or proxy) to communicate with:

  • The MISP server

  • The GBox

  • Gatewatcher update servers (via GUM)

Note

This update mode is part of the compliance with the Military Programming Law (MPL).
As such, the entity concerned will make its updates on a dedicated update server.
For more information, see the annex on MPL specifics in this document and the update section.

After pressing the `Proxy settings` button of the `Configuration` screen, the following screen is displayed.

../../_images/CONFIGUR-05.PNG

The `Proxy settings` section contains the following items:

Item

Name

Function

1

`Enable Web Proxy` selector

Enables/Disables the use of the proxy

2

`Proxy address` field

Sets the proxy server address as an IP address or FQDN

3

`Output interface` field

Selection of the GCenter network interface to be used to connect to the proxy

4

`Do not use proxy for Hurukai` selector

Depreciated function

5

`Do not use proxy for MISP` selector

Disables the proxy for interconnecting with the MISP server

6

`Do not use proxy for GBOX` selector

Disables the proxy for interconnecting with the GBox

7

`Do not use proxy for GUM` selector

Disables the proxy for accessing GUM

8

`Proxy port` field

Selection of the proxy listening port (1-65535)

9

`Update` button

Stores the current settings

For implementation, refer to Proxy Settings Configuration.

5.6.33.5. `SSL settings` section

After pressing the `SSL settings` button of the `Configuration` screen, the following screen is displayed:

This section enables configuring the Secure Socket Layer (SSL) certificate of the GCenter.
The generated certificate attests to the GCenter's identity and enables encrypting the exchanged data.
From this page it is also possible to configure mutual authentication (mTLS).
For implementation, refer to SSL Settings Configuration.

5.6.33.5.1. `Security details` area

The `Security details` area enables obtaining information on the certificate currently in use.

../../_images/CONFIGUR-06-1.PNG

This area includes the following items:

Item

Name

Function

1

`In use certificate details` field

Displays certificate information such as the date of issue and expiry, and the issuer of the certificate, etc.

2

`CA certificate information` field

Displays the certificate authority information enabling the identity of the correspondents to be determined in the `Dual Authentication` section

3

`CRL informations` field

Lists identifiers that were revoked, invalidated, or are no longer trustworthy.


5.6.33.5.2. `Custom Certificate` area

The `Custom Certificate` area enables using a specific certificate.
This is done by specifying the private key in the `GCenter Key` field and the PEM format certificate in the `GCENTER certificate` field and also by activating the `Enable Custom Certificate` selector.
../../_images/CONFIGUR-06-2.PNG

The `Custom Certificate` area contains the following items:

Item

Name

Function

1

`Enable Custom Certificate` selector

Enabling a personalized certificate

2

`GCenter Key` field

Selection of a GCenter key file

3

`GCENTER certificate` field

Selection of a GCenter certificate file

4

`Reset` button

Reinitalization of the configuration

5

`Update` button

Stores the current settings


5.6.33.5.3. `Dual authentication` area

The `Dual Authentication` area enables mutual authentication (mTLS).
This allows the user to verify the identity of the server as well as allowing the server to verify the identity of the user.
../../_images/CONFIGUR-06-3.PNG

The `Dual authentication` area contains the following items:

Item

Name

Function

1

`Enable Dual Authentication` selector

Enabling a personalized certificate

2

`Authentication mode` field

Selecting the type of authentication:

  • select `Forced`: making it mandatory for users to hold a certificate issued by the certification authority)

  • select `Optional`: only checks for the presence of a certificate

3

`Client CA Authenticator` field

Selection of a certificate file issued by the certification authority in PEM format

4

`Client CRL Validator` field

Selecting a file from the list of revoked certificates

5

`Update` button

Stores the current settings


5.6.33.6. `Session age settings` section

This section sets the maximum total duration of a session on the GCenter web interface.
After pressing the `Sessions age settings` button of the `Configuration` screen, the following screen is displayed.
../../_images/CONFIGUR-07.PNG

The `Session age settings` section contains the following items:

Item

Name

Function

1

`Days` field

Duration of the session in days

2

`Hours` field

Duration of the session in hours

3

`Update` button

Stores the current settings

For implementation, refer to Configuring Session Age Settings.

5.6.33.7. `License information` section

After pressing the `Licenses` button of the `Configuration` screen, the screen `License information` is displayed.
The `License information` screen is used to obtain information about the current license, verify its validity and available features.
This screen consists of the fields:
The `License details` area enables obtaining information on:
  • The material for which this licence was issued via its model and serial number

  • The period of validity of the licence

  • The associated contact address

  • The type of licence

The "License features" area provides information about enabling the various modules of the GCenter.
Finally, it is possible at the bottom of the page to enter a new licence, and also to set the notification in the interface of a near expiry date by entering the number of days before the expiration.
To obtain GCenter licence, please contact your GATEWATCHER business engineer or contact them at: trade@gatewatcher.com.
Once the license is validated and activated, the content of the page updates and displays the details of the license.
For the implementation of a new license, refer to Licence amendment.

Note

To obtain a GCenter license, please contact GATEWATCHER business engineers or contact them at trade@GATEWATCHER.com.


5.6.33.7.1. `License details` area

../../_images/CONFIGUR-08-1.PNG

The `License details` area contains the following items:

Item

Field

Function

1

`Serial Number`

Server information

2

`License name`

Name of the licence

3

`License registered to`

Registration of the licence

4

`License's owner email`

Email of the licence owner

5

`License valid`

Licence registration date and remaining duration

6

`Hardware type`

GCenter material type (e.g. virtual)


5.6.33.7.2. `License features` area

../../_images/CONFIGUR-08-2.PNG

The `License features` area contains the following items:

Item

Name

Function

1

`Hardening` field

Server information

2

`Malcore engines` field

Number of Malcore engines

3

`Codebreaker` field

Information on enabling the Malcore engine

4

`DGA` field

Information on enabling the DGA engine

5

`NDR - assets and users` field

Information on NDR user functions and equipment

6

`NDR - relations` field

Information on NDR relations functions

7

`License key` field

Entering the licence key

8

`License expiry warning (in days)` field

Entering the number of days of the licence expiration alarm message

9

`I accept the General Terms of Use` field

Selecting acceptance of the terms of use

10

`Update` button

Stores the current settings