Security ► User name pseudonymization
Applies to NAM 2018
Use this screen to control who can see user names in NAM reports.
- Click the dashboard icon at the top of the NAM Console screen and click the User name pseudonymization tile
- Open the NAM Console menu and select Security ► User name pseudonymization
Important: This functionality is available only on NAM Probe release 18.0 or later. You cannot configure earlier NAM Probes for user name pseudonymization.
Starting with NAM release 2018, you can make NAM user name encryption part of a pseudonymization initiative.
As described under the EU General Data Protection Regulation (GDPR), pseudonymization is "the processing of personal data such that it can no longer be attributed to a single data subject without the use of additional data, so long as said additional data stays separate to ensure non-attribution."
For information about NAM and GDPR, see Data privacy & security.
When pseudonymization is enabled on a NAM Probe, the NAM Probe encrypts User name in the traffic data it reports. The encryption type is Advanced Encryption Standard (AES), 256-bit key size.
When the NAM Server generates reports based on such encrypted data, what it displays depends on the NAM user's privileges (roles).
- A person with the User name access role sees reports with decrypted (actual) user names.
- Anyone else sees reports with pseudonyms (encrypted user names).
Configuring roles for user name pseudonymization
User name pseudonymization is based on NAM user roles.
- System administrator always has the User name access role and can always assign the User name access role to other users.
- Security administrator does not have the User name access role by default, but a Security administrator can assign the User name access role to any user, including to herself or himself.
There are two ways a System administrator or Security administrator can give others the ability to read encrypted user names:
- Assign User name access directly to each user who should have it
- Assign User name access to a user group (new or existing) and then control access to user names by controlling membership in the group with User name access
Configuring traffic monitoring for user name pseudonymization
To enable or disable user name pseudonymization of data reported by selected NAM Probes:
- Open Security ► User name pseudonymization.
- Set Enable user name pseudonymization for NAM Probe 18.0 and later to On.
- Click Regenerate global encryption key to generate a key that will be distributed when you publish the configuration to NAM Probes and NAM Servers.
  After restart, those NAM Probes will start producing data with encrypted user names.
- Select all NAM Probes for which you want to have encrypted user names.
  (Generally, you should select all NAM Probes.)
- Click Save to save and publish the new key to all selected AMDs.
  NAM Servers will receive the configuration automatically.
When you click Regenerate global encryption key, a new key is generated. When you publish the configuration, the key is sent to all NAM Server instances attached to the NAM Console, and to all NAM Probe instances you select in the table.
- Do not change the key if you don't need to. After the key is changed, historical data will not be decrypted on the NAM Server and it may be difficult to recover the old key to decrypt old data.
- If you do change the key:
  - Change it for all NAM Probes. There may be situations in which you want to limit decryption only to certain NAM Probes, but best practice generally is to keep everything synchronized.
  - Publish the NAM Probe configurations. If you don't publish them, the NAM Servers will have new keys but the NAM Probes will still have the old keys.
Also, be aware that disabling pseudonymization on a NAM Probe does not delete the key stored on that NAM Probe. If you disable user name pseudonymization on a NAM Probe and then enable it again, it will use the old key unless you publish a new key to that NAM Probe.
Verifying user name pseudonymization
To make sure this is working, you need at least two accounts:
- A NAM System administrator account or another account that has been assigned the User name access role. This person should be able to read encrypted user names.
- A NAM non-System administrator account that has not been assigned the User name access role. This person should not be able to read encrypted user names.
Using the first account (System administrator or another account with the User name access role), log in to the NAM Server receiving data from the configured NAM Probes.
In the Reports section of the NAM Server menu, click Explore and select Users.
Confirm that data in the User name column is not encrypted.
You should be able to see the user names in plain text.
Log out of the NAM Server.
Using the second account (an account that does not have the User name access role), log in to the same NAM Server.
Open the same report.
Confirm that data in the User name column is encrypted.
You should see encrypted user names instead of plain-text user names.
Important: If the user names are not encrypted for the second account, recheck your configuration steps:
- Make sure you enabled user name pseudonymization on the reporting NAM Probes.
- Make sure you logged in to the NAM Server the second time using an account that does not have user name access:
  - The account is not assigned the User name access role directly
  - The account is not a member of a group to which you have assigned the User name access role
  - The account is not assigned the
If you are controlling user name access via group membership, you should also verify that access is controlled depending on whether an account is or is not a member of the group with the User name access role.
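The access rules and troubleshooting checklist above can be checked offline before you log in with the two test accounts. The following is an added example, not part of the NAM documentation or product: the account names, group names and data layout are constructed, since the page does not show how NAM exports role assignments.

```python
# Added example, not NAM code. Field names and sample accounts are constructed;
# the page does not show how NAM stores or exports role assignments.
ROLE = "User name access"
SYSADMIN = "System administrator"

# Constructed inventory: roles assigned directly, plus group memberships.
USERS = {
    "alice": {"roles": {"System administrator"}, "groups": set()},
    "bob": {"roles": {"Security administrator"}, "groups": set()},
    "carol": {"roles": {"User name access"}, "groups": set()},
    "dave": {"roles": set(), "groups": {"privacy-reviewers"}},
    "erin": {"roles": set(), "groups": {"noc"}},
}
GROUPS = {"privacy-reviewers": {"User name access"}, "noc": set()}


def access_paths(account, users=USERS, groups=GROUPS):
    """List every way `account` ends up able to read decrypted user names."""
    entry = users[account]
    paths = []
    if SYSADMIN in entry["roles"]:
        paths.append("built-in: System administrator")
    if ROLE in entry["roles"]:
        paths.append("direct role assignment")
    for group in sorted(entry["groups"]):
        if ROLE in groups.get(group, set()):
            paths.append("group: " + group)
    return paths


def expected_view(account, users=USERS, groups=GROUPS):
    """What the User name column should show for this account."""
    return "decrypted" if access_paths(account, users, groups) else "pseudonym"


def pick_test_accounts(users=USERS, groups=GROUPS):
    """Choose the two accounts the verification procedure needs."""
    with_access = [u for u in sorted(users) if access_paths(u, users, groups)]
    without = [u for u in sorted(users) if not access_paths(u, users, groups)]
    if not with_access or not without:
        raise ValueError("need one account with and one without " + ROLE)
    return with_access[0], without[0]


if __name__ == "__main__":
    for name in sorted(USERS):
        paths = access_paths(name) or ["none"]
        print(f"{name:6} {expected_view(name):10} via {', '.join(paths)}")
```

In this sample, `bob` is a valid second account only while he has not assigned the role to himself, which a Security administrator is able to do.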