

XML syntax: nbaconfig.xml

NBA configuration file nbaconfig.xml contains the following XML tags:

<networkagent>
    <debugflags>
    <settings>
        <online>
        <active>
        <capture>
        <objtypes>
        <httpgetfiletypes>
        <numberofbuffers>
        <sizeofbuffers>
        <policyenginespercpu>
        <diskfullpercent>
        <diskfullintervalsecs>
        <ssl>
            <validityperioddays>
            <commonname>
            <organizationname>
            <localityname>
            <provincename>
            <countryname>
            <ciphersuites>

Note: If nbaconfig.xml contains syntax errors, these are recorded in the Agent Management log file.

<networkagent>

Contains the <debugflags> and <settings> tags described below.

<debugflags>

Flags that control logging of additional debug information for use by software developers.

type

Always set to type="simpleEnumDebugFlags".

value

Always set to value="none".

<settings>

Contains the configuration tags described below.

<online>

Determines whether the NBA is online or offline. You can edit this tag directly, or you can use the NBA console to set the NBA’s status. If you use the console, this XML tag is updated automatically. This tag is also supported in nbapolicy.xml.

The Packet Processing switch in the Administration screen of the NBA console has the same effect as this policy tag.

This tag supports type and value attributes:

type

Always set to type="booleanType".

value

Can be set to:

  • value="true"--The NBA is online.
  • value="false"--The NBA is offline.

For the NBA to be online, this tag must be set to true in both nbapolicy.xml and nbaconfig.xml. That is, both must contain:

<online type="booleanType" value="true"/>

<active>

Determines whether the NBA is running in active or passive mode. You can edit this tag directly, or you can use the NBA console to set the mode. If you use the console, this XML tag is updated automatically. This tag is also supported in nbapolicy.xml.

The Stream Blocking switch in the Administration screen of the NBA console has the same effect as this configuration tag.

This tag supports type and value attributes:

type

Always set to type="booleanType".

value

Can be set to:

  • value="true"--The NBA runs in active mode.
  • value="false"--The NBA runs in passive mode.

For the NBA to be in active mode, this tag must be set to true in both nbapolicy.xml and nbaconfig.xml. That is, both must contain:

<active type="booleanType" value="true"/>

<capture>

This tag determines the NBA output location for captured emails and files. The NBA can output these emails and files via a socket connection to a policy engine or hub, or it can save them to local folders on the NBA.

The Output Mode setting in the Administration screen of the NBA console has the same effect as this configuration tag. If you use the NBA console to set the NBA output mode, this XML tag is updated automatically.

This tag supports type and value attributes:

type

Always set to type="simpleNBAcaptureMode".

value

Can be set to:

  • value="socket"--The NBA outputs captured items via a socket connection to a policy engine or hub.
  • value="disk"--The NBA outputs captured items to local files and mails folders on the NBA.
  • value="socket and disk"--The NBA outputs captured items via a socket connection and saves them to the local files and mails folders.
  • value="off"--The NBA does not output any captured items.

<objtypes>

This tag specifies which protocols or ‘channels’ to capture. You can either configure the NBA to capture all channels or you can selectively add individual channels. The syntax is the same as for the <protocols> tag in application filters.

Notes:

<httpgetfiletypes>

(Applies only to application filters that include the HTTPGET protocol)

Specifies a list of document types, identified by their file name extension and separated by semicolons. When a user downloads a document from a Web site, the NBA only captures document types that match types in this list. It ignores all other document types. Even if the file extension for the downloaded document does not match this list, the NBA can determine its file type from the content of the document.

On Bivio 7000 appliances, the HTTPGET File Types setting on the policy screen of the NBA console has the same effect as this configuration tag.

Default: The list includes Microsoft Office file types such as DOC, DOCX, PPT and XLS, plus other common document types such as TXT and PDF. For the full list, see the default nbaconfig.xml; find this in the \config folder in the NBA FTP folder.

Examples: Add ‘.XML’ to the list of file types to capture RSS feed data when browsing the web. Add '.HTM' to the list of file types to capture web page content.

<numberofbuffers>

Defaults to 20,000. This tag specifies the number of memory buffers available to each NBA application processor. The NBA uses these buffers to store data packets while they wait to be written to disk. When these buffers are full, the NBA cannot accept further packets until buffers become available again. The NBA will therefore miss any packets arriving while the buffers are full.

The default buffer size is 8KB, so the default number of buffers guarantees that 160MB of data can be buffered by each NBA application processor before it needs to discard additional incoming data. The default buffer size is defined by the <sizeofbuffers> tag.

This tag supports type and value attributes:

type

Always set to type="numberType".

value

Specifies the number of buffers. For example, to specify 30,000 buffers, set this attribute to:

<numberofbuffers type="numberType" value="30000"/>

Note: Using memory buffers to decouple the data capture process from the process of writing data to disk minimizes the risk of the NBA losing data packets.

<sizeofbuffers>

Defaults to 8,000. This tag specifies (in bytes) the default size of the memory buffers on the NBA. The number of buffers available to the NBA is defined by the <numberofbuffers> tag.

type

Always set to type="numberType".

value

Specifies the buffer size. For example, to specify 10KB buffers, set this attribute to:

<sizeofbuffers type="numberType" value="10000"/>

<policyenginespercpu>

Defaults to 1. This tag specifies the number of concurrent policy engine connections for each NBA application processor.

type

Always set to type="numberType".

value

Specifies the number of connections. This is normally set to 1.

Note: See the Troubleshooting section of this manual for more information on how to use this setting to improve load balancing.

<diskfullpercent>

Defaults to 80. The minimum value is 50.

This tag specifies the critical level of used disk space on the NBA, measured as a percentage of total disk space.

If the amount of used disk space rises above the specified percentage (causing a critical shortage of free disk space), the NBA stops saving captured emails or files to local folders on the NBA, if configured to do so. The NBA’s ability to save local copies resumes as soon as the level of used disk space falls back (so that free disk space recovers).

Data analysis is unaffected and continues as normal, even if used disk space rises above the critical threshold. For example, the NBA will continue to forward emails and files to policy engines for processing.

<diskfullintervalsecs>

Defaults to 15. This tag specifies how often the NBA checks the level of free disk space. This tag operates in conjunction with the <diskfullpercent> tag.
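The rules described so far can be checked before a file is deployed. The following is an added example, not part of the product or its documentation: it validates the type and value attributes, computes the per-processor buffer capacity, and works out the effective online/active state from both files. It assumes a root element name for nbapolicy.xml and that <diskfullpercent> carries its number in a value attribute; both samples are constructed.

```python
import xml.etree.ElementTree as ET

TYPES = {"online": "booleanType", "active": "booleanType",
         "capture": "simpleNBAcaptureMode", "numberofbuffers": "numberType",
         "sizeofbuffers": "numberType", "policyenginespercpu": "numberType"}
ALLOWED = {"booleanType": {"true", "false"},
           "simpleNBAcaptureMode": {"socket", "disk", "socket and disk", "off"}}

# Constructed samples. Assumptions: the nbapolicy.xml root element name, and
# <diskfullpercent> holding its number in a value attribute.
SAMPLE_CONFIG = """<networkagent><settings>
  <online type="booleanType" value="true"/>
  <active type="booleanType" value="true"/>
  <capture type="simpleNBAcaptureMode" value="socket and disk"/>
  <numberofbuffers type="numberType" value="30000"/>
  <sizeofbuffers type="numberType" value="10000"/>
  <diskfullpercent type="numberType" value="40"/>
</settings></networkagent>"""
SAMPLE_POLICY = ('<policy><online type="booleanType" value="true"/>'
                 '<active type="booleanType" value="false"/></policy>')

def attrs(root, tag):
    # Attributes of the first <tag> under root, or None if the tag is absent.
    el = next(root.iter(tag), None)
    return None if el is None else el.attrib

def check(config_xml, policy_xml):
    # ET.fromstring raises ET.ParseError on syntax errors such as a missing quote.
    cfg, pol = ET.fromstring(config_xml), ET.fromstring(policy_xml)
    problems, nums = [], {"numberofbuffers": 20000, "sizeofbuffers": 8000}  # defaults
    for tag, want in TYPES.items():
        a = attrs(cfg, tag)
        if a is None:
            continue  # tag absent from the file
        value = a.get("value", "")
        if a.get("type") != want:
            problems.append(f"<{tag}>: type must be {want}")
        elif want in ALLOWED and value not in ALLOWED[want]:
            problems.append(f"<{tag}>: value {value!r} is not allowed")
        elif want == "numberType" and not value.isdigit():
            problems.append(f"<{tag}>: value {value!r} is not a number")
        elif tag in nums:
            nums[tag] = int(value)
    pct = (attrs(cfg, "diskfullpercent") or {}).get("value", "80")  # default 80
    if not pct.isdigit() or int(pct) < 50:
        problems.append(f"<diskfullpercent>: value must be a number >= 50 (got {pct})")
    # <online> and <active> take effect only when true in both files.
    state = {t: all((attrs(r, t) or {}).get("value") == "true" for r in (cfg, pol))
             for t in ("online", "active")}
    return {"problems": problems, "state": state,
            "buffer_bytes": nums["numberofbuffers"] * nums["sizeofbuffers"]}
```

With the samples above, `check(SAMPLE_CONFIG, SAMPLE_POLICY)` reports the out-of-range <diskfullpercent>, a 300,000,000-byte buffer capacity per application processor, and passive mode, because <active> is true in only one of the two files.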

<ssl>

Contains the SSL Decode configuration tags described below.

<validityperioddays>

Specifies the number of days that the SSL Decode master certificate is valid for.

Default: 730.

type

Always set to type="numberType".

value

Specifies the number of days.

Note: This setting is only used when the master certificate is generated, which is after installation and after expiry of the certificate. Install Master certificates in every browser whose traffic needs to be decoded. After generating the certificates, distribute them to all client machines.

<commonname>
<organizationname>
<localityname>
<provincename>
<countryname>

Specify SSL Decode master certificate properties. When presented with a certificate for a web site, the client sees the commonname property in the ‘signed by’ field, and the remaining properties in the site’s parent certificate. Customize these tags for your organization.

type

Always set to type="stringType".

value

Specifies the text for the master certificate.

Note: These settings are only used when the master certificate is generated, which is after installation and after expiry of the certificate. Install Master certificates in every browser whose traffic needs to be decoded. After generating the certificates, distribute them to all client machines.

<ciphersuites>

Specifies the set of allowed SSL Cipher Suites that will be used when connecting to SSL servers. Low strength ciphers are disabled and the NBA is set to choose the highest strength cipher available to it. For more details, see http://www.openssl.org/docs/apps/ciphers.html.

type

Always set to type="stringType".

value

Defaults to value="ALL:!ADH:!LOW:!EXP:@STRENGTH"
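To see what a cipher string such as this default actually selects, it can be expanded against a local OpenSSL build. This is an added example, not product code; the result depends on the OpenSSL version Python is linked against, which is not necessarily the one on the NBA, and the 128-bit threshold and the sample entries are assumptions made for illustration.

```python
import ssl

NBA_DEFAULT = "ALL:!ADH:!LOW:!EXP:@STRENGTH"  # default value documented above

# Constructed entries in the shape returned by SSLContext.get_ciphers().
SAMPLE = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "auth": "auth-rsa", "strength_bits": 256},
    {"name": "AECDH-AES256-SHA", "auth": "auth-null", "strength_bits": 256},
    {"name": "DES-CBC3-SHA", "auth": "auth-rsa", "strength_bits": 112},
]

def expand(cipher_string):
    """Return the suites this machine's OpenSSL selects for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx.get_ciphers()

def weak(ciphers, min_bits=128):
    """Flag suites that are unauthenticated or below min_bits (assumed threshold)."""
    flagged = []
    for c in ciphers:
        reasons = []
        # !ADH removes anonymous DH only; anonymous ECDH suites are covered
        # by the broader !aNULL keyword, so check the auth field directly.
        if c.get("auth") == "auth-null":
            reasons.append("anonymous key exchange")
        if c.get("strength_bits", 0) < min_bits:
            reasons.append(f"{c.get('strength_bits', 0)}-bit")
        if reasons:
            flagged.append((c["name"], reasons))
    return flagged

if __name__ == "__main__":
    for name, reasons in weak(expand(NBA_DEFAULT)):
        print(name, ", ".join(reasons))
```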

More information:

XML Syntax: nbapolicy.xml