LDAP Support for Centralized Authentication
by April 24, 2018

Filed under: Performance Monitoring, Product News

Security is at the heart of many large organizations and the IT departments we engage with on a daily basis push us to meet their needs. As they’ve become more sophisticated in requirements for authentication we’ve kept in step. For a while now we’ve offered SAML and SSO for our web user interface. With the release of LDAP support, AppNeta customers can now enforce their own authentication policies across their AppNeta deployment. However, until now, AppNeta Monitoring Points were a locked-down physical or virtual appliance designed to operate stand-alone in all environments.

LDAP Benefits

  • Centralized control – AppNeta now folds into existing centralized policies around password length, complexity and schedule of change.
  • No more sticky note – There are no new passwords to remember. Authorization groups control login rights.
  • Better security visibility – The audit trail for monitoring point activity links to individuals through their central authentication identity.

Key Concepts

Why we use Two Authentication Methods

AppNeta uses both SAML and LDAP because they are provide different types of security. As a secure external authentication mechanism SAML serves as web app authentication. In contrast, the AppNeta Monitoring Point is deployed within the customer environment, behind the firewall and has direct access to LDAP identity management systems. Both of these technologies can use the same LDAP or Active Directory source, but one is designed for external access and one is designed for internal access.

Start Using LDAP

To make use of the support all you need is an LDAPv3 compliant directory server that is accessible from the Monitoring Point itself. There must be an authorization group on that server containing the Monitoring Point administrators. For login attempts, the monitoring point accesses the LDAP server and search the correct authorization group. The default configuration is a great place to start for some customers, but the configuration of LDAP for AppNeta is simple.

AppNeta LDAP Workflow

AppNeta LDAP Workflow

Note for Existing Customers

LDAP is only available on our current generation of appliances–m35, v35 or r45. AppNeta will not be porting this functionality to previous generations. To devise an upgrade plan or to ask any further questions please reach out to your Customer Success Manager or email customersuccess@appneta.com.