Pluribus One WAS® provides a Graphical User Interface (GUI) to allows users to access all its functionalities in a simple and familiar way. Users will be able to manage the system from their web browser with the only some requirements: to have credentials to access the system, to have been granted access to the same network where the Pluribus One WAS® GUI is hosted.
Some key technical points:
- Pluribus One WAS® GUI is a web application.
- Pluribus One WAS® GUI fully supports the following web browsers: Mozilla Firefox, Google Chrome, Microsoft Internet Explorer.
- Pluribus One WAS® GUI runs from the host device where the entire Pluribus One WAS® software has been installed.
This is a short list of what users will be able to do using the Pluribus One WAS® GUI users are able to:
- Get overall statistics on the traffic and attacks onto the monitored domains.
- Inspect the received traffic, with detailed information on the attacks received and on the clients which generated malicious requests.
- Add and remove domains from the list of those monitored by Pluribus One WAS®.
- Define protection policies and send the protection rules to the Web Application Firewall.
- Create/delete users.
- Monitor the status of Pluribus One WAS® and the amount of resources used.
A General Description of the Views
Pluribus One WAS® GUI is organized in "views", several "pages" that provides users with the tools to perform the previously listed actions. A top navigation bar and a side menu allows users to quickly move from a view to another. The core view of the GUI is the "dashboard", it allows users to rapidly check the current status of the system, get notification and have an high level overview. For more information about the GUI dashboard and the rest of the views please refer to the other pages of the documentation within the category Graphical User Interface.
These are the views currently provided by the Pluribus One WAS® GUI:
- Login page - This page is the first visible one and it allows you accessing the GUI after you provide the correct credentials.
- Dashboard - This page is the "core" view of the system. The Dashboard is made of several widgets and it provides insights about the system status (e.g., is everything working? are the Data Sources providing traffic? etc) and the current results of the traffic monitoring (e.g., number of requests, number of alerts, etc) and protection activity (e.g., matched rules, etc).
- HTTP Clients - This view provides you with tools to manage the visitors (i.e., IP addresses) of the monitored web services. Discover who is visiting your web services, create and manage black lists and white lists.
- Applications - This view provides you with all the tools required to manage the application layer rules for your monitored web services. Discover what are the current warnings and alerts, create and manage rules to prevent further malicious activities.
- Server - This view is similar to the Applications view but focuses on the domains that are not currently monitored yet.
- Settings - This view focuses on all the settings for your Pluribus One WAS® installation.
- Information - On the top bar, in the right side, the "information button" shows you a menu and allows you to read miscellaneous information and third party licenses.
- User - On the top bar, in the right side, the "user button" shows you a menu and allows you to visit the page for password management (i.e., Change Password) and to Logout.
HTTP Clients View in Details
This view provides you with tools to manage the visitors (i.e., IP addresses) of the monitored web services. Are you ready to inspect the list of the visitors? You will be able to apply filters (e.g., IP by country, by time and date, etc) and manage black lists and white lists.
This view is organized into two sub-views:
- Inspection - this view allows you to inspect the list of the visitors of your web services. You can apply filters to find only visitors from a certain country or area, visitors that interacted with your web services in a specific time frame or that generated a certain kind of alert or malicious activity.
- Protection - this view allows you to manage some protection rules that are similar to black lists and white lists. You will be able to apply these rules for an amount of time of your choice and use them with a WAF (e.g., ModSecurity) or with a perimetral firewall.
Applications View in Details
This view provides you with everything you need to manage everything related to application-layer security and, in general, the security of all your monitored applications. Are you ready to inspect the received alerts and warnings? Are you ready to create a line of defense by creating, editing and uploading your protection rules? Everything you need is just here waiting for you to take the command.
This view is organized into two sub-views:
- Inspection - this view allows you to inspect all the alerts and warnings associated to a monitored application of your choice. For each alert you will be provided with detailed informations and you will be able to manage the alert (e.g., ignore it, classify it, etc) and even create some protection rules associated to it.
- Protection - this view allows you to inspect all the application-layer rules associated to a specific monitored application. You will be able to read all the details about each single rule and to manage it (i.e., edit, delete, load). You will be also provided with information regarding what incomings HTTP requests are associated to a specific rule of your choice.