Introduction to the Nucleon EDR Console

Modified on Wed, 03 Jan 2024 at 08:15 PM

1 - First connection to the Nucleon Security console



    To get off to a good start with the Nucleon Security platform, this article explains how to use the Nucleon console and its graphical interface, and which configurations to make first.


  • Once the server has been installed, a "super administrator" account must be created,
  • Other user accounts can be created from this one,
  • If a password is forgotten, another account must be used to change it.



  • After creating a user, log on to the Nucleon Security platform to create an entity:



2 - Entity configuration

    

Below is the entity creation form from the Entities view page:

  • Name of the entity,
  • Domain if specific,
  • Square logo recommended,
  • Editable information.


    

The first view after creating an entity, with these specific tabs:



   

   Once the entity has been created, a licence request must be made by clicking on Request License:



3 - Users Configuration


3.1 - Creating users

    

   To create users, click on account and enter the necessary information, including the account privilege:

   






    The password can be changed by the user by going to the account configuration page.

    For each notification option selected, an e-mail is sent to the account's e-mail address:

  • License: Licence expiry, limit reached,
  • Security: Security alert when a workstation is blocked,
  • Endpoint: New agent installed, new vulnerability on one or more agents.




If a user wants to configure two-factor authentication, they must click on their account, then Update, and activate the One Time Password option:




  • The OTP can only be activated by the user,
  • A user-specific key is generated,
  • The QR code is a representation of the key,
  • An OTP application must be installed on the user's smartphone, and the key must be added to this application (Google Authenticator, Microsoft Authenticator, etc.),
  • The phone's clock must be set to the same time as the Nucleon console (French timezone),
  • The OTP can be deactivated by another administrator.
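
Why the phone clock matters, as an added example (not Nucleon code). It assumes the console's One Time Password follows standard TOTP (RFC 6238), which is what Google Authenticator and Microsoft Authenticator implement; the 30-second step, the ±1 step tolerance and the key (the public RFC 6238 test key) are assumptions, not Nucleon settings.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per code (RFC 6238 default, assumed here)
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, not a real user key


def totp(secret_b32, unix_time, digits=6):
    """Compute the code an authenticator app shows at unix_time."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", int(unix_time) // STEP)  # time step number
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, server_time, window=1):
    """Server-side check: return the matching step offset, or None if rejected."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, server_time + drift * STEP)
        if hmac.compare_digest(expected, submitted):
            return drift
    return None


def demo():
    """Codes generated by phones with different clock errors, checked by the server."""
    server_time = 1111111109  # constructed server clock (an RFC 6238 test time)
    cases = {"in sync": 0, "phone 40 s behind": -40, "phone 5 min ahead": 300}
    return {
        label: verify(SECRET, totp(SECRET, server_time + skew), server_time)
        for label, skew in cases.items()
    }


if __name__ == "__main__":
    for label, result in demo().items():
        status = "rejected" if result is None else f"accepted (step offset {result})"
        print(f"{label}: {status}")
```

A phone whose clock has drifted by several minutes produces codes the server never expects, so a user with a correctly enrolled key is still refused at login until the phone's time is corrected.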


3.2 - User Privileges


Super administrator 

  • Global view of entities,
  • Manages all server entities,
  • Server system configuration,
  • Receives system notifications,
  • Receives notifications from all entities,
  • This setting can only be managed by another super administrator,
  • A super administrator account is invisible to people who are not super administrators.

Entity administrator 

    An entity account is only visible/modifiable by users who have access to the same entities.


4 - Configurations


4.1 - System Configuration 


  

    The system configuration section contains a number of parameters:

  • Server name, used in system notifications,
  • Identification with the Nucleon update server,
  • Update.


  • SMTP Configuration



  • Maintenance mode: So that a maintenance task can be carried out, the Nucleon console stops taking in information from the agents, and the agents go "offline". This mode is activated automatically during updates or system actions. Maintenance mode first enters the "Pending" state so that tasks in progress can complete, then switches to "Enable" once activated.


  • System action: restart services, restart server, shut down server. These actions automatically activate maintenance mode before being executed.



4.2 - Retention configuration

  • Retention frees up disk space automatically so that the disk does not fill up.
  • Data is deleted automatically every five minutes.
  • If disk space runs out, "system" type alerts are sent to super-administrators.
  • The retention must be reduced accordingly, or a storage extension can be added at the request of support.




  • Data Retention:

    Retention time for events and metrics. This is the data that consumes the most space on the server. Events older than 15 days are automatically deleted. The recommended retention time is 7 days.

  • Analysis Retention:

    Analysis retention time. Analyses that have not been consulted for more than 30 days are deleted automatically.

  • Notification Retention:

    Retention time for notifications of any type. Notifications are automatically deleted after 90 days.
