AlienVault provides a USM appliance that can help you manage threat detection and monitor your infrastructure. The USM appliance also supports LDAP authentication for logins, which you can connect to Foxpass.
AlienVault's documentation on this feature can be found here:
Once you get to the 'Login Methods/Options Values' section, fill out the fields according to these instructions.
Create an LDAP Binder with the name 'alienvault' on the LDAP binders page. Copy/paste the generated password! It is only displayed once. The binder will allow AlienVault USM to connect to Foxpass and pull directory data and authenticate users.
|Remote login key|
|Enable LDAP for login||Yes|
|LDAP server address||ldaps://ldap.foxpass.com|
|LDAP server port||636|
|LDAP server SSL||Yes|
|LDAP server TLS||No|
|LDAP server baseDN||dc=example,dc=com|
|LDAP server filter for LDAP users||(uid=%u)|
Note: this will return all users in your directory.
|LDAP password for Username|
|Require a valid ossim user for login||Yes.|
Note: This feature must be enabled for AlienVault to check user authentication. Disabling this feature will result in a less secure configuration. For each user in Foxpass that needs access, you must create a user in the USM Appliance with the same username.
For the DN's that reference "dc=example,dc=com", replace with your organization's base DN. Your base DN can be found on the dashboard page.
Updated over 4 years ago