8.9.5. GCenter Global Configuration
8.9.5.1. Introduction
This procedure describes the overall configuration of GCenter.
Note
The GUI is described in `Global settings` section.
8.9.5.2. Prerequisites
User : member of Administrator group
8.9.5.3. Preliminary operations
Login to GCenter via a browser (see Connecting to the GCenter web interface via a web browser). with the prerequisite rights.
8.9.5.4. Procedure to access the legacy web UI `Global settings`
screen
8.9.5.5. Procedure
The following screen is displayed:
- Enter the company name in field (1)
`Company`
.This field allows you to add the company name on the detection analysis reports.These reports can be downloaded after making an association between the GCenter and the Intelligence platform.The default is: empty. - Enter the password that protects the archive when downloading malware in field (2)
`Password for zipped malware files`
.The default is: empty.This password protects the archive when downloading malware and decompresses it to avoid an unfortunate click.This password is the same for downloading shellcodes.This feature is described in more detail in the Malcore parts. - Enter the number of days the data is stored in field (3)
`Data retention (in days)`
.The default is: 15.Note
The configuration is done in two steps:
First on GCenter at this field
The second at the GCap detection probe in the configuration settings
- Enter the maximum disk space allocated to store logs in field (4)
`Elasticsearch max data retention (in GB)`
.Attention
Larger size implies higher latencies and reduced performance and stability.
- Enable the selector (5)
`Enable GScan`
to allow real-time local analysis of suspicious malware or executables.The default is: enabled.Note
As part of the Military Programming Law, the GScan feature is disabled by default in this management interface.
- Enable selector (6)
`Enable Privacy SMTP`
to enforce privacy rights by hiding the email.subject field of SMTP alerts in GATEWATCHER dashboards for private emails.The default is: off.An email is considered private if its subject begins with the words private, private or private (not case sensitive). Select the network interface through which the GCenter is listening on the ports defined below in field (8)
`Input interfaces`
.- Select the listening port (linked to http protocol) in field (9)
`HTTP listening port`
.The default is: 80 - Select the network interface (for all http streams) in field (10)
`Outbound HTTP interface`
. - Enter the SSH banner (presented during pre-authentication on all paired GCaps and GCenter) in field (11)
`SSH banner`
.The default is: empty - Select the listening port (linked to the https protocol) in the
`HTTPs listening port`
.The default is: 80 Press the
`Save`
button (13) to save current settings and update the GCenter.
Important