AD Network and Security Considerations
Considering Anomaly Detection (AD) is a Workbench feature/component, please follow the Workbench Networks and Security Considerations for details.
AD communicates with Workbench IO over HTTP for insert/update of Anomaly Detection Insights and Alarms.
- TLS connection/communication between Workbench IO to Anomaly Detection is supported
Enable Workbench Anomaly Detection Host TLS
Review the details of this configuration in Workbench Configuring TLS.
Please follow these steps to enable the AD Host TLS settings:
- Certificates need to be in a Java Key Store (.jks file) and accessible on the host by the user account running AD
- Within Workbench UI, browse to the Configuration > Hosts section and select the AD host that TLS will be enabled on
- Within the host object settings, navigate to the "2. Workbench TLS Communication" section
- Populate the following options:
- Keystore Path: path of the Java Key store on the host
- Keystore Password: password for the key store
- Truststore Path: path to the Java trust store
- Truststore Password: password for the Java trust store
- Protocol (default: TLSv1.2): TLS protocol that will be used
- Algorithms: comma-delimited list of cipher suites that the host will use for TLS negotiation/communication with other nodes
- Mutual-TLS: check to enable mutual TLS
- Click the save button to commit the changes
- Restart the AD service for changes to take effect