Configure Security Settings for Vision
Use the Vision's Security Configuration to define security and access settings for your Vision server.
Security Settings
HTTP and HTTPS Ports
Define HTTP and HTTPS ports for Windows and Linux installed Vision servers.
Important
- Do not configure ports for a Vision appliance on the Network Ports dialog box. Instead, log on to the Vision Console Command Line and run the net ports command. The
net portscommand opens the firewall and updates the ports. See Issue Network Commands. - When changing your network ports, be sure to check your existing firewall configuration and make sure the appropriate firewall ports are open.
Access Control
For Vision to gather replication data for Q-Cloud Protect appliances or DXi devices running software versions 3.2 or later, it needs to identify itself through an SSH key pair.
Vision generates this key pair. The private key is Vision's secure identifier. The public key is shared with the Q-Cloud Protect appliance or DXi device. Vision has authorization to gather replication data only when the private and public keys match.
For more information about SSH key pair authentication, see one of the following:
- The Security topic in the DXi 6900 Documentation Center
- The Configuring Access Control topic in the Q-Cloud Protect Documentation Center
Important
If the private key is ever exposed, you can generate a new key pair from Vision. Keep in mind, though, that you must then distribute the new public key to all devices that currently use the old public key.
Configure Security Settings
- On the Vision Configuration menu, click Security to display the Security Configuration dialog box.
Figure 1: Security Configuration Dialog Box
- In the HTTP and HTTPS fields, enter the appropriate port numbers.
The default ports are 80 for HTTP and 443 for HTTPS.
- In the Public Key area, copy the text and paste it into the UI of the device from which Vision will gather replication data.
For detailed instructions on pasting the public key in the device's UI, see the Security topic in the DXi 6900 Documentation Center or the Configuring Access Control topic in the Q-Cloud Protect Documentation Center.
Important
You can generate a new key pair by clicking Generate New Key, but you must then distribute the new public key to all devices that currently use the old public key.
- Click Save to save your settings.
- Restart the Vision service to apply the security settings.
