Configuring HTTP Attribute Server

The default Nozomi Networks template provides the list of possible attributes that can be received from the network security device along with attribute value. The template also provides possible actions that can be taken for an attribute. Ivanti Policy Secure is loaded with default template for Nozomi Networks.

This configuration is common for both Ivanti Policy Secure and Profiler.

To add the HTTP Attribute server in Ivanti Policy Secure:

  1. Select Authentication > Auth.Servers, select HTTP Attribute Server under New and click New Server.

  2. Enter the name.

  3. Select Nozomi Networks-SCADAguardian-Ivanti Connect Secure Security Solution as template.

  4. Enter the IP address or hostname of Nozomi Networks server.

  5. Enter the user name and password (Admin credentials of Nozomi Networks).

  6. Enter the backup host name/IP address, user name and password.

  7. Click Test Connection to test connectivity between Ivanti Policy Secure and Nozomi Networks server.

  8. Click Save Changes.

 

- A subset of attributes supported by Nozomi Networks is added in the default template. A new template can be created by Admin and has to be uploaded on Ivanti Policy Secure for supporting any additional attributes apart from the one's in the default template
- Nozomi Networks does not support more than 4 simultaneous TCP connections (See Nozomi Documentation for more details). During high load, Ivanti Policy Secure may establish more than 4 connections. Hence, it is recommended to use Profiler as a device attribute server (with Nozomi Networks as a collector) to overcome this limitation.