Configuration

FlashBlade Integration

To use Data Security Essentials and audit data from your FlashBlade, follow these three necessary steps:

• Step 1: Enabling data stream using CLI or UI
• Step 2: Enabling auditing permissions
• Step 3: Adding the FlashBlade device in Data Security Essentials

Step 1: Enabling data stream

FlashBlade delivers data to Data Security Essentials via a syslog. First, create the syslog and then enable auditing for the selected file system.

Instructions to CLI

1. Log into FlashBlade Console

   • Use SSH to log into the FlashBlade console.

2. Create a Syslog Server Entry

   • Run the following command to create the syslog server entry:

        purelog create –uri udp://<ip-address-of-superna-dses-server> –services data-audit superna-dses-syslog-serve

3. Create an Audit Policy

   • Create an audit policy and assign it to the Data Security Essentials server:

   purepolicy audit file create superna-dses-syslog-audit –log-targets superna-dses-syslog-server

4. Assign the Audit Policy to the File System

   • Assign the audit policy to the specified file system:

   purepolicy audit file add superna-dses-syslog-audit –fs <file-system-name>

5. Review Syslog Entry

   • Once added, review the syslog entry by navigating to Settings -> Monitoring.

Instructions to UI

1. Go to Settings -> Monitoring and create a new syslog. In the IP field, enter the IP address of the Windows Server where Data Security Essentials is installed.

   

2. Next, go to Policies -> Audit and assign the audit policy to the file system.

   

3. In the next window, confirm that your file system is attached to the correct policy.

   

Step 2: Enabling Auditing Permissions

1. Access File System Properties

   • In Windows Explorer, right-click on the chosen file system and select Properties.

2. Navigate to Security Settings

   • Go to the Security tab and click on Advanced.

3. Update Auditing Entries

   • In the Advanced Security Settings window, go to the Auditing tab.
   • Update the auditing entries by adding a new entry or editing an existing one.

4. Configure Principal and Permissions

   • Click Select Principal and choose Domain Users.
   • Set the Type to All and update the permissions to Full Control.

Step 3: Add Managed Devices to Data Security Essentials

In Pure Console

1. Create a User

   • Go to Settings -> Users.
   • Create a new user named superna.

2. Copy the API Token

   • Copy the generated API Token (you will need to enter this in Data Security Essentials).

In Data Security Essentials

1. Add a Device

   • Go to the Inventory list and click Add device.

2. Enter Device Details:

   • Device Name: Enter the FlashBlade name.
   • API URL: Enter the FlashBlade IP address.
   • API Token: Enter the token copied from the Pure Console settings.

Database Configuration

All events tracked by the Data Security Essentials policies are stored in your designated database. In the initial version, the default database is SQL Express. Future releases will introduce options to switch to SQL Server with a specified account and to set database retention parameters.

In order to review your database settings go to Settings -> Database configuration. Review your database connection and authentication settings.

Email Configuration

The Superna Data Security Essentials Properties tab allows you to configure several application properties, including email settings. To set up the application email feature, follow these steps:

1. Navigate to Email Configuration

   • Go to Settings -> Email Configuration.

2. Enter Email Settings

   • Enter the correct information in each of the text boxes according to your email configuration.
   • Click OK to save the changes.