Configure a Hostname for USM Appliance

Applies to Product: USM Appliance™ AlienVault OSSIM®

You should always configure a hostname for USM Appliance. This helps you identify each one uniquely, which is particularly important if you need to contact AlienVault Support for technical assistance.

Your PCI DSS 3.1 compliance audit will fail when a certificate whose Common Name (CN) or whose entries in the X509 Subject Alternative Name do not match the Fully Qualified Domain Name (FQDN) of the system in AlienVault USM Appliance.

Certificates, whose CN is not equal to the FQDN, cannot be verified through a Public Key Infrastructure (PKI). A service using such a certificate cannot authenticate itself towards a user, unless the user can determine its trustworthiness through another channel. If there is no additional channel available, a user cannot distinguish between a genuine and a forged certificate, which benefits the man-in-the-middle attack.

Therefore, AlienVault recommends that you use the FQDN when naming USM Appliance and to also use this FQDN as the CN or as X509 Subject Alternative Name (type DNS) to reduce the risk of man-in-the-middle attacks and to avoid failure in PCI compliance audits.

To configure a hostname for USM Appliance

  1. Connect to the AlienVault Console through SSH and use your credentials to log in.

    The AlienVault Setup menu displays.

  2. Select System Preferences.
  3. Select Configure Hostname.
  4. Type the name for this host and press Enter.

    Note: Any name you choose must not have spaces in it. For guidance on choosing a name, see RFC 1178.

  5. Press Enter to continue.
  6. Press <Back> until you are on the AlienVault Setup menu again. Select Apply all Changes.
  7. Press <Yes> to confirm.

    USM Appliance applies the changes and restarts all the services, which may take several minutes.

  8. Return to the AlienVault Setup main menu and select Reboot Appliance.