Advanced Settings
The advanced settings let you configure the following aspects of Lacework Edge:
To access the advanced settings, click the gear icon from the top right of the console and then Settings. On the Settings page, click Advanced Settings.
Branding
Use the branding configuration settings to apply your own organization's name and logo to the web pages and emails that Lacework Edge presents to your users. Applying your branding helps your users to quickly identify your own organization as the source of the pages and emails.
To apply your own brand to user-facing pages, on the Advanced Settings page, click Branding from the left menu.
Type your organization's name in the field and click Save. For the logo, upload an icon of your logo in PNG format. Lacework recommends using an image that is 1024 by 600 pixels in size. The size of the image file must be less than 2 MB.
DNS
With DNS-level security, Lacework Edge applies security policies to website access at the domain name resolution phase. Accordingly, requests from your users to malicious or irrelevant websites never reach those websites.
To use DNS-level security, you configure your egress IP addresses in the Lacework Edge Console. This allows Lacework Edge to match requests originating from those IP addresses to the security policies you have configured for your organization. Note that, as implied here, this capability is limited to clients that have a consistent, specifiable source IP, such as on-premises hosts or routers. You also need to add Lacework Edge's DNS servers to your client hosts' configuration. Having the Lacework Edge client installed is not necessary to have the policies applied to requests from those hosts.
To configure DNS security, follow these steps:
- On the Advanced Settings page, click DNS from the left menu.
- Click the edit icon.
- Enable, if it is not already, the Enable DNS Capture checkbox.
- Click Add IP Address or Subnet and enter the egress IP addresses or subnet ranges for your organization. These should match the source IP from requests that Lacework Edge will see from your hosts.
- Note the Lacework Edge DNS server IP addresses. You will need to configure your hosts DHCP settings to use these addresses. Refer to the documentation for the type of host you are configuring for specific instructions.
- If you have not already created security policies that block traffic to the sites for which you want to perform DNS level-screening, click the Policies button to go to the page where you can configure those policies.
- Click Save.
Session Management
By configuring a workflow, you can have Lacework Edge notify users when their session is about to expire and provide users with the opportunity to extend their session. By extending their session, the user can avoid any disruption resulting from a session expiration.
When a user logs in to Lacework Edge, their session is valid for a default duration of 7 days. If you enable this feature, when less than a quarter of a user's session time remains (i.e., about a day), Lacework Edge prompts the user to extend their session for another 7 days. The user must confirm their identity with your organization's identity provider to do so.
To configure the session extension workflow:
- On the Advanced Settings page, click Session Management from the left menu.
- Click the edit icon.
- Modify, if desired, the default session duration.
- Click Extend Session Workflow, and configure the workflow as desired. For details on configuring workflows, see Workflows.