cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Synthetic Monitoring Security

jose-antonio_ra
Inactive

Hi all.

we´re working in a managed installation. The customer is interested in Synthetic Monitoring, but they have some questions about security. I read the doc in

- How is the encryption between the browser monitor and the tenant?

- Before the information is sent to the tenant...is the data stored in the Browser? If so, does this information have any security or encryption system? By example, the username, passwords , should not be visible.

- how tenant authentication is performed on the probe. That is, as the probe knows that it is our tenant who wants to execute the script

i´ve review doc in https://www.dynatrace.com/support/help/how-to-use-dynatrace/synthetic-monitoring/

and i not see the answer.


I hope you understand the doubts.

thanks in advanced.

jose A


7 REPLIES 7

sebastian_kryst
DynaMight Leader
DynaMight Leader

In general this works differently. You have 2 options. Using public synthetic locations or create local one via ActiveGate. They are working the same. You can record click path that will perform some scenario on your website. This scenario will be sent to public locations or your loca will be used (this one can be used on your private network). Everything is encrypted via SSL.

Than robots will be clicking through your page and record responses in configured frequency. This data are then send encrypted to your Dynatrace server. For public location it is done via Mission Control (DT cluster has access to it), for private locations it is send directly to Dynatrace server. No data are stored in browsers, because robots are setting up headless browser instances just for direct run, collecting data and ending process.

If you will provide credentials to script, nobody will have access to it, but this has to be sent to synthetic location to allow access for script. As I said, all is secured via SSL connection.

There are as well HTTP monitors, not simple option. It only executes request without business scenario and validate response. Good for testing API’s. but from security point of view it is working the same.

Sebastian


Thank you very much for the answer, it is very useful.

I have a question, in the record sequence, i must input username and password (and other confidential data) that should be replayed; Are these credentials saved in the script? If this is so, is the password encrypted or ofuscated?


Regards

Jose A


Credentials are saved in dynatrace cluster and send to robots on demand. I don’t know about hashing, this is rather question to someone from Staff. But event if Dynatrace will hash password and confidential data to store them internally (which I hope it does) mechanism has to be reversible because script has to have those data in plain text to fill the form.

Sebastian


miguel_balsa
Dynatrace Mentor
Dynatrace Mentor

Just to add a bit more info to the topic:


ChadTurner
DynaMight Guru
DynaMight Guru

Credentials will now be saved in the Credential Vault


-Chad

sebastian_kryst
DynaMight Leader
DynaMight Leader

nandini_balakri
Dynatrace Supporter
Dynatrace Supporter