7.10.3. Procedure – Timestamping audit trails with external timestamping service

Purpose: 

To request timestamps from a remote Timestamping Authority (TSA), complete the following steps:

Steps: 

  1. Configure the remote TSA, and the timestamping interval. You have to repeat these steps for each protocol (HTTP, ICA, RDP, SSH, Telnet, and VNC) you want to configure:

    Figure 7.14. <Protocol name> Control > Global Options — Configuring a remote TSA

    <Protocol name> Control > Global Options — Configuring a remote TSA
    1. In the protocol control settings, navigate to Global Options > Timestamping (for example, SSH Control > Global Options > Timestamping).

    2. Select Remote.

    3. Enter the address of the timestamping server into the URL field. Note that currently only plain HTTP services are supported, password-protected and HTTPS services are not supported.

    4. If the Timestamping Server has timestamping policies configured, enter the OID of the policy to use into the Timestamping policy field. PSM will include this ID in the timestamping requests sent to the TSA.

    5. Set the Signing interval. You can choose any value between 10 and 100 000 seconds.

      Note

      The same interval setting applies to timestamping and signing.

    6. Click .

  2. Configure audit policies to use timestamping. You have to repeat these steps for each audit policy you want to configure:

    1. Navigate to Policies > Audit Policies and select the audit policy you will use in your connections.

      Tip

      By default, every connection uses the built-in default audit policy. Unless you use a custom audit policy, modifying the default audit policy will affect every audited channel of the connections passing through PSM.

    2. Select the Enable timestamping option.

      Figure 7.15. Policies > Audit Policies — Timestamping audit trails

      Policies > Audit Policies — Timestamping audit trails
    3. Click . PSM will automatically add timestamps to the audit trails of every connection that is audited and uses this audit policy.