One of our Enterprise Synthetic Monitoring customers asked to start gomez recorder as a service for security reasons.
Please would you let me know if it is possible ?
Answer by David A. ·
For security concerns:
- Install the agents in a VM. No keyboard, no screen.
- only console will be allowed, for example VNC software (with pwd)
The client will execute as a service and it will use internally the recorder to launch the scripts as Carol Describes.
Protect by FW they estimate necessary just leaving open the connection ports needed and configurate the antivirus as expected:
With this configuration it use to be sure and the customer I've been has accepted.
If their concern is the access to the development robot (The only one that will change the DB and can be access without VPN) I suggest you to do this:
- Restrict the access to this robot
- Forward the logs (access to the machine) to the audit system
- Put in place a requirement that has to be approved by the security department to access to this robot/Agent
- Put in place a procedure to shutdown the VM where the development agent is, if a not authorized access has been detected.
- put this robot on the domain, only named access are allowed. All the persons should have rights over our application
Let me know if this covers the concern of your customer.
All the customer I've been(banks for example) has accepted this deployment.
I hope it helps
Answer by Carol O. ·
The Recorder is a desktop application and cannot run as a service. The Agent itself has a web service. The Agent's scheduler starts the Recorder based on the configured schedules.
Again, I remain uncertain as to the specific security concerns in question here. Please elaborate. If you think it is beneficial, please open a support ticket.
Freezing IE 1 Answer
How to handle errors properly 2 Answers
Script error between transactions 3 Answers