Unauthorized Modification of USM Appliance Can Lead to Instability

Applies to Product: USM Appliance™ AlienVault OSSIM®

AlienVault USM Appliance are built to provide customers with an easy-to-use solution to help monitor the security of their infrastructures. They are delivered in three form factors:

  • Hardware appliances,
  • Virtual appliances, and
  • Amazon appliances.

These appliances include the AlienVault operating system and USM Appliance software necessary to provide the built-in Unified Security Management® (USM) security capabilities.

The appliances include an option to access the CLI of the appliance from the AlienVault Console SSH management interface used to perform setup and configuration tasks for USM Appliance with options from the AlienVault Setup menu.. This is done by selecting the "Jailbreak System" option from the AlienVault Setup menu, which provides limited shell access to the appliance. This option is available to help customers troubleshoot network issues, data collection issues, and to help the AlienVault Support team work with you to resolve any issues you encounter with the product while working on a support case.

As per the AlienVault Terms and Conditions, AlienVault does not allow modification of system level configuration files, database, or the underlying tools used to provide the functional capabilities offered by the product. Although AlienVault has integrated various open source tools, the configurations used by USM Appliance are designed to provide explicit functionality as described in the product documentation. Changes made to the operating system, tool configurations, or software can destabilize the appliance and prevent the appliance from working properly.

Modifications to the operating system, tool configurations, or software may lead to instability, thus require a reset of the appliance to factory settings to resolve it. AlienVault discourages customers from making such modifications. If there is a use case that requires you to jailbreak the device, we encourage you to share with us the details of the use case and we will consider the idea for a future release of the product.

Our goal is to provide a simple, stable, easy-to-use security platform to help you monitor your environment for threats. Keeping the system stable and free from such modifications will prevent unnecessary downtime, performance issues, and maintenance.

If you have any questions, please contact AT&T Cybersecurity Technical Support.