Recording untrusted agents
An agent is considered "untrusted" (Trust Level = 0) when it attempts to register but does not provide a valid registration password credential. When this happens, an event is logged, but details about the client are NOT recorded into the database by default. However, you can configure Trust Protection Foundation to record information submitted by untrusted agents that fail credential verification during enrollment.
Capturing information about failed authentication attempts can be very useful for detecting potential security issues or unauthorized enrollment attempts. This feature is also helpful during initial testing of your Agent Registration Settings configuration, because it helps you identify which agents are failing to authenticate with the configured registration passwords (see Selecting (or creating) Registration Passwords for Agent Registration Settings).
CAUTION: Be careful when enabling this feature. Although unlikely, it does open the door to Denial of Service (DoS) attacks where an attacker could attempt to fill the Trust Protection Foundation database with superfluous information.
To record untrusted agents
- Click Yes to enable the capturing of untrusted agents.