Creating an HTTP server

Note

  • A server object can be linked to only one anonymous account.
  • A server object can be linked to only one forward account.

Warning

HTTP rendering and recording is CPU intensive and may have negative impact on system’s performance. A physical appliance is recommended for monitoring HTTP connections with the following limitations regarding the maximum number of concurrent HTTP sessions.

Model Maximum recommended number of concurrent HTTP sessions*
F100x 2
F300x 5
F500x 10

*The actual value depends on the Fudo PAM instance configuration.

  1. Select Management > Servers.
  2. Click Add and select Static server.
../../_images/servers_add.png
  1. Enter server’s unique name.
  1. Select Blocked option to disable access to server after it’s created.
  1. Select HTTP from the Protocol drop-down list.
  2. Enter value of the HTTP timeout parameter, determining the time period of inactivity (expressed in seconds), after which the user will have to authenticate again.
  3. Enter optional description, which will help identifying this server object.
  4. In the Permissions section, add users allowed to manage this object.
  5. In the Destination host section, enter server’s IP address and port number.
  1. From the Bind address drop-down list, select Fudo PAM IP address used for communicating with this server.

Note

  • The Bind address drop-down list elements are IP address defined in the Network configuration menu (Network interfaces configuration) or labeled IP addresses (Labeled IP addresses).
  • In case of cluster configuration, select a labeled IP address from the Bind address drop-down list and make sure that other nodes have IP addresses assigned to this label. For more information refer to the Labeled IP addresses topic.
  1. Specify the monitored resource in the HTTP host field.
  1. Select the Use TLS options to connect to monitored server over TLS.
  2. Select the Enable SSLv2 support to support SSL v2 encrypted connections.
  3. Select the Enable SSLv3 support to support SSL v3 encrypted connections.
  4. Click i to upload CA certificate.
  5. Click i to download the server’s certificate or paste the certificate into the text area.
  6. In the HTTP host field, provide the HTTP host header value.

Note

The HTTP host header determines the requested content in case there are many web sites hosted on the specified server.

  1. From the Authentication method drop-down list, select one of the pre-defined online services or select Other to provide custom login page details.

Note

Authentication method enables seamless login credentials substitution when establishing a monitored HTTP connection.

In case of custom login credentials, the login and the password fields are identified using CSS selectors.

../../_images/http_code.png ../../_images/http_auth_other.png

For more information on CSS selectors refer to https://www.w3.org/TR/selectors-3/

  1. Click Save.

Related topics: