Registering Units
Register managed units to communicate with the Central Manager.
You can register Guardium units for central management either from the Central Manager or from the unit itself. Regardless of how the registration is done, the Central Manager and all managed units must have the same system shared secret. If the unit to be managed is already registered for central management with another manager, unregister the unit from that central manager before you register it with the new manager. Be sure to understand exactly what happens to that unit when it is registered and unregistered for central management.
What Happens during Registration
The following actions happen on registration.
- The unit type is set to managed and manager IP is stored.
- Product key of manager is applied. (License key is not propagated with Ping or User sync. It is sent on registration or when the system refreshes.)
- All job scheduling is reset to default.
- All psml files (portal GUI customizations) are removed.
- All local users and roles are removed.
- List of threshold alerts that is not be evaluated is reset.
- Users roles, permissions from manager are loaded.
- Custom classes, user uploaded JARs, LDAP truststore from manager are uploaded.
- Database connection from managed to manager is enabled.
- Database connection from manager to managed is enabled.
- CAS listener is started if needed.
After registration all definitions of reports, queries, groups, policies, audits, and more are retrieved from the Central manager.
- Policies and groups
- Queries and reports
- Security assessments
- Datasources
- Data marts
- Dashboards
If the Registered Unit Status Remains Offline
If you know the unit that is registered is online and accessible from the Central Manager, but its status remains offline, then complete the following steps.
- Verify that the unit to be managed is online, accessible, and operational by using a browser window to log in to the Guardium system on that unit.
- Click Refresh for the unit.
- Check that you entered the correct IP address for the unit.
- Check that the unit has the same shared secret as the Central Manager.
Registering from a Managed Unit
On a managed unit, you can use the GUI to register the unit with the Central Manager. Otherwise, you can use the CLI register command as described in Registering a Managed Unit with the CLI.
- Click Central Management Registration. to open
- For Host IP, enter the IP address of the Central Manager.
- For Port, enter the https port for the Central Manager (usually 8443).
- Click Register.
After you register on the managed unit, it initiates communication with the Central Manager, and nothing more needs to be done.
Registering a Managed Unit with the CLI
- On the managed unit, log in to the CLI.
- Type register management <Manager IP> <Manager Port>
After you register on the managed unit, it initiates communication with the Central Manager, and nothing more needs to be done.
Registering units from the Central Manager
You can register units that are not currently accessible.
- Navigate to Central Management. to open
- Click Register New. The unit Registration page opens.
- Enter the Unit IP and port, and click Save. The Central Management page refreshes with the new unit.