About the Admin UI
The Admin UI is the Threat Grid Appliance administrator's main configuration interface. It is a Web portal that can be used once an IP address has been configured on the Threat Grid Appliance Admin interface.
Note |
The initial setup and configuration wizard is described in the Cisco Threat Grid Appliance Getting Started Guide. |
The Configuration menu in the Admin UI is used to configure and manage various Threat Grid Appliance configuration settings, including:
Section |
Description |
---|---|
Describes how to configure LDAP and RADIUS authentication for logging into the Threat Grid Appliance Admin UI. |
|
Describes how to add CA certificate for outbound SSL connections for the appliance to trust the Cisco AMP for Endpoints Private Cloud. |
|
Describes how to change your Admin UI password. |
|
Describes features, limitations, and requirements of clustering Threat Grid Appliances; network and NFS storage requirements; how to build a cluster, join appliances to the cluster, remove cluster nodes, and designate a tie-breaker node; failure tolerances and failure recovery; API and operational usage and characteristics for clusters, and sample deletion. |
|
Describes how to add Network Time Protocol (NTP) server to configure date and time. |
|
Describes how to configure your email settings (SMTP) for system notifications. |
|
Describes how to configure third-party detection and enrichment services (OpenDNS, TitaniumCloud, VirusTotal); enable or disable ClamAV automatic updates. |
|
Describes how to upload your Threat Grid Appliance license or retrieve it from the server. |
|
Describes how to adjust the IP assignment from DHCP to your permanent static IP addresses, and how to configure DNS. |
|
Describes how to configure the network exit options that are available in the Threat Grid portal when submitting samples for analysis. |
|
Describes appliance backup, including NFS requirements, backup storage requirements, backup expectations, and configuring the strict retention period limits; how to perform a backup. |
|
Describes how to manage notification recipients. |
|
Describes how to set up SSH keys to provide access to the TGSH Dialog via SSH. |
|
Describes how to configure SSL certificates to support Threat Grid Appliance connections with Email Security Appliance (ESA), Web Security Appliance (WSA), AMP for Endpoints Private Cloud, and other integrations; replacing SSL certificates. |
|
Describes how to configure a system log server to receive syslog messages and notifications. |
Note |
|
Important |
The Admin UI uses HTTPS and you must enter this in the browser address bar; pointing to only the Admin IP is not sufficient. Enter the following address in your browser: https://adminIP/ OR https://adminHostname/ |