If you are currently using version 5.x.x, we advise you to upgrade to the latest version before the EOL date. You can find the latest documentation here.
Restrict Gateway hosts
Overview
In order to provide an extra level of security, it is possible to configure a Netprobe to only accept connections from a nominated 'trusted' list of Gateway hosts.
This is done by setting the TRUSTED_GATEWAY_HOSTS
variable, either in the registry, or as an environment variable on and other platforms.
The variable should be set to the names of the trusted
hosts, separated by commas. For more information, see Setting variables for Netprobe on Windows platforms in Netprobe variables.
TRUSTED_GATEWAY_HOSTS may contain a host alias as
defined in /etc/hosts file. If TRUSTED_GATEWAY_HOSTS is
set to +, then any Gateway is trusted—this is
equivalent to not setting the TRUSTED_GATEWAY_HOSTS
variable.
Non-trusted hosts attempting to connect will cause a warning message to be logged on the Netprobe and to all connected Gatewayand Active Console Event Tickers.
For security, you can only set the TRUSTED_GATEWAY_HOSTS setting
on the machine running the
Netprobe. You cannot set it as part of the
probe configuration on the Gateway.
A similar setting, TRUSTED_GATEWAY_NAMES, can be
configured to restrict Gateways connecting to Netprobe in
the same manner as TRUSTED_GATEWAY_HOSTS. This
setting checks the Gateway name rather than the host.
Note: Only one Gateway should attempt to connect to each Netprobe. If multiple Gateways connect to a single Netprobe, then only the first connection attempt will get a successful connection. The succeeding connection attempts will be rejected.