Enabling Privacy Mode: Anonymizing User and Machine Names

Overview

Liquidware understands and respects privacy related issues and concerns of its users across the world. Whether it may be due to government regulations or some organizations ensuring privacy of its users, there are legitimate requirements for enabling the option to anonymize end user names and machine names within Stratusphere.

Liquidware offers the ability to totally anonymize end user names and machine names within Stratusphere. After this privacy mode is enabled, each newly registered user name and machine within the Stratusphere Database will be anonymized in a single one-way hash. Any user and machine that registered prior to enabling privacy mode will remain visible in plain text. Enabling privacy mode only works for users and machines that register from that point forward and does NOT work to hash user and machine names registered before enabling privacy mode.

Important: The anonymized conversion in Privacy mode is permanent and cannot be undone. Usernames and machines that existed prior to turning on privacy mode will still be stored in plain text.

Privacy mode can be disabled. Any user name and machine name registration received after disabling privacy mode will be stored in plain text and will not be hashed.

Important: After Privacy mode is enabled, the user and machine names already anonymized stay anonymized permanently even if Privacy mode is disabled at a later date.

Using the privacy mode might make Stratusphere reporting harder to read and follow because the end user will only see randomized pieces of text representing users and machines instead of the actual user names and machine names.

Preparation

  1. Procure any change controls required to make changes to the production Stratusphere Hub & Database appliances.
  2. Acquire credentials of the ‘friend’ and ‘root’ users to access the console of the Stratusphere Hub, Database, and Collector appliances.
  3. Procure access to the local console of the Stratusphere Hub, Database, and Collector Appliances depending on the hypervisor on which the Hub is housed. Alternatively, PuTTY can also be used to access the console of the Hub, Database, and Collector provided SSH (TCP/22) access is allowed to the appliances.

Enable Privacy Mode

To enable Privacy mode, complete the following steps:

  1. Using an SSH client like PuTTY (or Microsoft Windows 10 Command Prompt for AWS and Azure), log in to the Stratusphere Hub console using credentials for the friend user.
  2. Then use credentials for the root user to switch to the root using the su - command. Unless changed, the default password for both users is sspassword.
  3. Execute the following command to invoke a limited shell prompt:
  4. Copy 
    /opt/tnt/bin/mgrconfig
  5. On the new shell prompt, execute the following commands to anonymize user and/or machine names within the Stratusphere Database:
  6. Copy 
    set system user privacy on
    set system machine privacy on
  7. To save and quit, enter the following commands:
  8. Copy 
    write
    quit
  9. Press CTRL+D twice to log out of the root and friend SSH sessions and quit the SSH client.
  10. At this point, Stratusphere begins its anonymizing process, which can take some time. After it is complete, log in to the Administration section of the Stratusphere Web UI and navigate to the Inventory > Machines and Inventory > Users tabs to verify that the names have been anonymized.

Disable Privacy Mode

To disable Privacy mode, complete the following steps:

  1. Using an SSH client like PuTTY, log in to the Stratusphere Hub console using credentials for the friend user.
  2. Then use credentials for the root user to switch to the root using the su - command. Unless changed, the default password for both users is sspassword.
  3. Execute the following command to invoke a limited shell prompt:
  4. Copy 
    /opt/tnt/bin/mgrconfig
  5. On the new shell prompt, execute the following commands to disable anonymizing user and/or machine names within the Stratusphere Database:
  6. Copy 
    set system user privacy off
    set system machine privacy off
  7. To save and quit enter the following commands:
  8. Copy 
    write
    quit
  9. Press CTRL+D twice to log out of root and friend SSH sessions and quit the SSH client.
  10. All users and machines registering for the first time since disabling privacy mode will show up as plain text and will not be hashed. Users and machines that were previously anonymized under Privacy mode will remain anonymized.