Appendix
Reconfiguring Agents
In some situations, for example, if the hostname or IP address of the CipherTrust Manager appliance changes, Agents' connection with DDC must be reconfigured with the new hostname or IP address.
Reconfiguring DDC Agents on Windows
To reconfigure a DDC Agent:
Log on to the host machine as administrator.
Open Enterprise Recon Configuration Tool (er2_config_cmd.exe).
By default, the tool is available at
C:\Program Files (x86)\Ground Labs\Enterprise Recon 2\
.In the Master server IP address or host name field, specify the new hostname or IP address of the CipherTrust Manager.
Click Test Connection. A message stating "Connectivity test is successful" confirms successful reconfiguration.
Click Finish.
Reconfiguring DDC Agents on Debian
To reconfigure a DDC Agent:
Log on to the host machine as a user with root privileges.
Reconfigure connection with DDC on the CipherTrust Manager appliance.
sudo er2-config -i <hostname|ip_address>
Here,
<hostname|ip_address>
represents the new IP address or hostname of the CipherTrust Manager appliance.Restart the Agent service. Configuration settings will be effective after the Agent restarts.
sudo /etc/init.d/er2-agent -restart
Reconfiguring DDC Agents on RHEL
To reconfigure a DDC Agent:
Log on to the host machine as a user with root privileges.
Reconfigure connection with DDC on the CipherTrust Manager appliance.
er2-config -i <hostname|ip_address>
Here,
<hostname|ip_address>
represents the new IP address or hostname of the CipherTrust Manager appliance.Restart the Agent service. Configuration settings will be effective after the Agent restarts.
sudo /etc/init.d/er2-agent restart
Restarting DDC Agents
Restarting Agents on Windows
To restart a DDC Agent, run the following commands:
net stop "Enterprise Recon 2 Agent (<ARCH>)"
net start "Enterprise Recon 2 Agent (<ARCH>)"
Here, <ARCH>
represents the Windows architecture - x32 or x64.
Restarting Agents on Debian
To restart a DDC Agent, run:
sudo /etc/init.d/er2-agent restart
Alternatively, restart the Agent service by stopping it and again starting it manually. Run the following commands:
sudo /etc/init.d/er2-agent stop
sudo /etc/init.d/er2-agent start
Restarting Agents on RHEL
To restart a DDC Agent, run:
sudo /etc/init.d/er2-agent restart
Alternatively, restart the Agent service by stopping it and again starting it manually. Run the following commands:
sudo /etc/init.d/er2-agent stop
sudo /etc/init.d/er2-agent start
Mounting an NFS Share
To mount an NFS share on a Proxy agent, run this command as root:
sudo mount <nfs-server-hostname|nfs-server-ipaddress>:</target/directory/share-name>
Information Types
Infotype Name | Category | Region |
---|---|---|
American Express | Financial | Global |
Australian Bank Account Number | Financial | Oceania |
Australian Business Number | Financial | Oceania |
Australian Company Number | Financial | Oceania |
Australian Driver License Number | Personal Data | Oceania |
Australian Healthcare Identifier - Organisation | Medical | Oceania |
Australian Individual Healthcare Identifier | dical | Oceania |
Australian Mailing Address | Personal Data | Oceania |
Australian Medicare Card | Medical | Oceania |
Australian Medicare Provider | Medical | Oceania |
Australian Passport Number | Personal Data | Oceania |
Australian Tax File Number | National ID | Oceania |
Australian Telephone Number | Personal Data | Oceania |
Austrian Driver License Number | Personal Data | Europe |
Austrian Mailing Address | Personal Data | Europe |
Austrian Passport Number | Personal Data | Europe |
Austrian Personalausweis | National ID | Europe |
Austrian SSN | National ID | Europe |
Austrian Telephone Number | Personal Data | Europe |
Belgian Driver License Number | Personal Data | Europe |
Belgian eID | National ID | Europe |
Belgian National Number | National ID | Europe |
Belgian Passport Number | Personal Data | Europe |
Belgian Telephone Number | Personal Data | Europe |
Brazilian CPF | National ID | Americas |
Brazilian Registro Geral | National ID | Americas |
Bulgarian EGN | National ID | Europe |
Canadian Bank Account Number | Financial | Americas |
Canadian Health Service Number | Medical | Americas |
Canadian Mailing Address | Personal Data | Americas |
Canadian Passport Number | Personal Data | Americas |
Canadian Personal Health Identification Number (PHIN) | Medical | Americas |
Canadian Social Insurance Number | National ID | Americas |
Canadian Telephone Number | Personal Data | Americas |
Chilean RUN | National ID | Americas |
China Union Pay | Financial | Global |
Credentials username | Personal Details | Global |
Credentials password | Personal Details | Global |
Croatian OIB | National ID | Europe |
Cypriot Passport Number | Personal Data | Europe |
Czech Republic RC | National ID | Europe |
Danish CPR | National ID | Europe |
Danish Driver License Number | Personal Data | Europe |
Danish Passport Number | Personal Data | Europe |
Date Of Birth | Personal Data | Global |
Date Of Birth (under 18) | Personal Data | Global |
Diners Club | Financial | Global |
Discover | Financial | Global |
Drug Enforcement Agency Number | Medical | Americas |
Dutch Burgerservicenummer | National ID | Europe |
Dutch Driver License Number | Personal Data | Europe |
Dutch NIK | National ID | Europe |
Dutch Passport Number | Personal Data | Europe |
Dutch Telephone Number | Personal Data | Europe |
Email addresses | Personal Data | Global |
Ethnicity (English) | Personal Data | Global |
European EHIC | Medical | Europe |
Finnish HETU | National ID | Europe |
French Carte Vitale | National ID | Europe |
French CNI | National ID | Europe |
French Driver License Number | Personal Data | Europe |
French INSEE | National ID | Europe |
French Mailing Address | Personal Data | Europe |
French Passport Number | Personal Data | Europe |
French Telephone Number | Personal Data | Europe |
Gambian National Identification Number | National | Africa |
Gender (English) | Personal Data | Global |
Generic Bank Account Number | Financial | Global |
German Driver License Number | Personal Data | Europe |
German Mailing Address | Personal Data | Europe |
German Passport Number | Personal Data | Europe |
German Personalausweis | National ID | Europe |
German Telephone Number | Personal Data | Europe |
Greek AFM | National ID | Europe |
Greek AMKA | National ID | Europe |
Greek Passport Number | Personal Details | Europe |
Hong Kong ID | National ID | Asia |
Hungarian Personal ID | National ID | Europe |
Icelandish Kennitala | National ID | Europe |
International Bank Account Number (IBAN) | Financial | Global |
IP Address | Personal Data | Global |
Iranian National Identification Number | National | Asia |
Irish Driver License Number | Personal Data | Europe |
Irish Passport Card Number | Personal Data | Europe |
Irish Passport Number | Personal Data | Europe |
Irish Personal Public Service Number | National | Europe |
Irish Telephone Number | Personal Data | Europe |
ISO8583 message with PAN | Financial | Global |
Israeli Bank Account Number | Financial | Asia |
Israeli Identity Number | National ID | Asia |
Italian CARTA D'IDENTITÀ | National ID | Europe |
Italian Codice Fiscale | National ID | Europe |
Italian Driver License Number | Personal Data | Europe |
Italian Mailing Address | Personal Data | Europe |
Italian Passport | Personal Data | Europe |
Italian Telephone Number | Personal Data | Europe |
Japanese Bank Account Number | Financial | Asia |
Japanese Driver License Number | Personal Data | Asia |
Japanese Passport Number | Personal Data | Asia |
Japanese Resident Registration Number | National | Asia |
Japanese Social Insurance Number (SIN) | National | Asia |
JCB | Financial | Global |
Laser | Financial | Global |
Latvian Personas Kods | National ID | Europe |
License Number | Personal Data | Global |
Login credentials | Personal Data | Global |
Luxembourg Driver License Number | Personal Data | Europe |
Luxembourg ID | National ID | Europe |
Luxembourg Passport Number | Personal Data | Europe |
Luxembourg Phone Number | Personal Data | Europe |
MAC Address | Personal Data | Global |
Macedonian UMCN | National ID | Europe |
Maestro | Financial | Global |
Malaysian NRIC | National ID | Asia |
Maltese eID | National ID | Europe |
Mastercard | Financial | Global |
Medicare Beneficiary Identifier (MBI) | Patient Health Data | North America |
Mexican CURP | National ID | Americas |
New Zealand Inland Revenue Number | National ID | Oceania |
New Zealand Mailing Address | Personal Data | Oceania |
New Zealand Passport Number | Personal Details | Oceania |
New Zealand Telephone Number | Personal Data | Oceania |
Norwegian Birth Number | National ID | Europe |
Norwegian Driver License Number | Personal Data | Europe |
Norwegian Passport Number | Personal Data | Europe |
Passport Number | Personal Data | Global |
Peoples Republic of China ID | National ID | Asia |
Personal Names (Austrian) | Personal Data | Europe |
Personal Names (Belgian) | Personal Data | Europe |
Personal Names (English) | Personal Data | Global |
Personal Names (French) | Personal Data | Europe |
Personal Names (German) | Personal Data | Europe |
Personal Names (Italian) | Personal Data | Europe |
Personal Names (Netherlands) | Personal Data | Europe |
Personal Names (Polish) | Personal Data | Europe |
Personal Names (Portuguese) | Personal Data | Europe |
Polish Driver License Number | Personal Data | Europe |
Polish Identity Card | National ID | Europe |
Polish Mailing Address | Personal Data | Europe |
Polish Passport Number | Personal Data | Europe |
Polish PESEL | National ID | Europe |
Polish Telephone Number | Personal Data | Europe |
Portuguese Citizen's Card | National ID | Europe |
Portuguese Driver License Number | Personal Data | Europe |
Portuguese Fiscal Number | National ID | Europe |
Portuguese Identity Number | National ID | Europe |
Portuguese Mailing Address | Personal Data | Europe |
Portuguese Passport Number | Personal Data | Europe |
Portuguese Phone Number | Personal Data | Europe |
Private Label Card | Financial | Global |
Profanity (English) | Personal Details | Global |
Religion (English) | Personal Data | Global |
Romanian Identity Card | National ID | Europe |
Romanian Numerical Personal Code | National ID | EuropeSaudi Arabia National ID |
Serbian UMCN | National ID | Europe |
Singaporean NRIC | National ID | Asia |
Slovakian RC | National ID | Europe |
Slovenian EMSO | National ID | Europe |
South African Identity Number | National ID | Africa |
South Korean Corporation Registration Number (법인등록번호) | Financial | Asia |
South Korean Driver License Number | Personal Details | Asia |
South Korean Foreigner Number | National ID | Asia |
South Korean Gwangju Bank (광주은행) Account Number | Financial | Asia |
South Korean Jeju Bank (제주은행) Account Number | Financial | Asia |
South Korean Jeonbuk Bank (전북은행) Account Number | Financial | Asia |
South Korean KB Bank (국민은행) Account Number | Financial | Asia |
South Korean KEB Hana Bank (KEB하나은행) Account Number | Financial | Asia |
South Korean NH Bank (농협은행) Account Number | Financial | Asia |
South Korean Passport | Personal Data | Asia |
South Korean Phone Number | Personal Data | Asia |
South Korean RRN | National ID | Asia |
South Korean Shinhan Bank (신한은행) Account Number | Financial | Asia |
South Korean Taxpayer Identification Number (사업자등록번호) | Financial | Asia |
Spanish DNI | National ID | Europe |
Spanish Driver License Number | Personal Data | Europe |
Spanish NIE | National ID | Europe |
Spanish Passport Number | Personal Data | Europe |
Spanish Social Security Number | National ID | Europe |
Spanish Telephone Number | Personal Data | Europe |
Sri Lankan National Identity Card | National ID | Asia |
Swedish Driver License Number | Personal Data | Europe |
Swedish Nationellt ID-kort | National ID | Europe |
Swedish Passport Number | Personal Data | Europe |
Swedish Personnummer | National ID | Europe |
SWIFT Code | Financial | Global |
Swiss Social Security Number | National ID | Europe |
Taiwanese ID | National ID | Asia |
Thai Population Identification Code | National ID | Asia |
Troy | Financial | Global |
Turkish Identification Number | National ID | Europe |
Turkish Telephone Number | Personal Data | Europe |
United Arab Emirates ID | National ID | Asia |
United Kingdom Community Health Index | Medical | Europe |
United Kingdom Driver License Number | Personal Details | Europe |
United Kingdom Electoral Roll Number | Personal Details | Europe |
United Kingdom Health and Care Number | Medical | Europe |
United Kingdom Mailing Address | Personal Data | Europe |
United Kingdom National Health Service Number | Medical | Europe |
United Kingdom NI Number | National ID | Europe |
United Kingdom Passport Number | Personal Data | Europe |
United Kingdom Self Assessment UTR Number | National ID | Europe |
United Kingdom Telephone Number | Personal Data | Europe |
United Kingdom VAT Number | Financial | Europe |
United States Bank Account Number | Financial | Americas |
United States Driver License Number | Personal Details | Americas |
United States Health Insurance Claim Number | Medical | Americas |
United States Health Plan Identifier | Medical | Americas |
United States Individual Taxpayer Identification Number (ITIN) | National ID | Americas |
United States Mailing Address | Personal Data | Americas |
United States National Provider Identifier | Medical | Americas |
United States Passport Number | Personal Details | North America |
United States Passport Card Number | Personal Details | North America |
United States Routing Transit Number | Financial | Americas |
United States Social Security Number | National | Americas |
United States Telephone Number | Personal Data | Americas |
Visa | Financial | Global |
Yugoslavia UMCN | National ID | Europe |
Supported Formats
Files
Type | Format |
---|---|
Compressed | bzip2, Gzip (all types), TAR, Zip (all types) |
Databases | Access, DBase, SQLite, MSSQL MDF & LDF |
Images | BMP, FAX, GIF, JPG, PDF (embedded), PNG, TIF |
Microsoft Backup Archive | Microsoft Binary / BKF |
Microsoft Office | v5, 6, 95, 97, 2000, XP, 2003 onwards |
Open Source | Star Office / Open Office / Libre Office |
Open Standards | PDF, RTF, HTML, XML, CSV, TXT |
Office files
WORD
Legacy: Legacy filename extensions denote binary Microsoft Word formatting that became outdated with the release of Microsoft Office 2007. Although the latest version of Microsoft Word can still open them, they are no longer developed. Legacy filename extensions include:
- .doc – Legacy Word document; Microsoft Office refers to them as "Microsoft Word 97 – 2003 Document"
- .dot – Legacy Word templates; officially designated "Microsoft Word 97 – 2003 Template"
- .wbk – Legacy Word document backup; referred as "Microsoft Word Backup Document"
OOXML: Office Open XML (OOXML) format was introduced with Microsoft Office 2007 and became the default format of Microsoft Word ever since. Pertaining file extensions include:
- .docx – Word document
- .docm – Word macro-enabled document; same as docx, but may contain macros and scripts
- .dotx – Word template
- .dotm – Word macro-enabled template; same as dotx, but may contain macros and scripts
- .docb – Word binary document introduced in Microsoft Office 2007
EXCEL
Legacy: Legacy filename extensions denote binary Microsoft Excel formats that became outdated with the release of Microsoft Office 2007. Although the latest version of Microsoft Excel can still open them, they are no longer developed. Legacy filename extensions include:
- .xls – Legacy Excel worksheets; officially designated "Microsoft Excel 97-2003 Worksheet"
- .xlt – Legacy Excel templates; officially designated "Microsoft Excel 97-2003 Template"
- .xlm – Legacy Excel macro
OOXML: Office Open XML (OOXML) format was introduced with Microsoft Office 2007 and became the default format of Microsoft Excel ever since. Excel-related file extensions of this format include:
- .xlsx – Excel workbook
- .xlsm – Excel macro-enabled workbook; same as xlsx but may contain macros and scripts
- .xltx – Excel template
- .xltm – Excel macro-enabled template; same as xltx but may contain macros and scripts
POWERPOINT
Legacy:
- .ppt – Legacy PowerPoint presentation
- .pot – Legacy PowerPoint template
- .pps – Legacy PowerPoint slideshow
OOXML:
- .pptx – PowerPoint presentation
- .pptm – PowerPoint macro-enabled presentation
- .potx – PowerPoint template
- .potm – PowerPoint macro-enabled template
- .ppam – PowerPoint add-in
- .ppsx – PowerPoint slideshow
- .ppsm – PowerPoint macro-enabled slideshow
- .sldx – PowerPoint slide
- .sldm – PowerPoint macro-enabled slide
ACCESS
Legacy:
- .ade – Protected Access Data Project (not supported in 2013)
- .adp - Access Data Project (not supported in 2013)
- .mdb - Access Database (2003 and earlier)
- .cdb - Access Database (Pocket Access for Windows CE)
- .mda - Access Database, used for addins (Access 2, 95, 97), previously used for workgroups (Access 2)
- .mdt - Access Add-in Data (2003 and earlier)
- .mdf - Access (SQL Server) detached database (2000)
- .mde - Protected Access Database, with compiled VBA and macros (2003 and earlier)
- .ldb - Access lock files (associated with .mdb)
Available formats since Access 2007:
- .accdb – The file extension for the new Office Access 2007 file format. This takes the place of the MDB file extension
- .accde – The file extension for Office Access 2007 files that are in "execute only" mode. ACCDE files have all Visual Basic for Applications (VBA) source code hidden. A user of an ACCDE file can only execute VBA code, but not view or modify it. ACCDE takes the place of the MDE file extension
- .accdt – The file extension for Access Database Templates
- .accdr – is a new file extension that enables you to open a database in runtime mode. By simply changing a database's file extension from .accdb to .accdr, you can create a "locked-down" version of your Office Access database. You can change the file extension back to .accdb to restore full functionality
OUTLOOK
- .pst - Outlook
- .ost - Outlook
- .msg - Outlook
- .dbx - Outlook
OTHER
- .pub – a Microsoft Publisher publication
- .xps – a XML-based document format used for printing (on Windows Vista and later) and preserving documents
Databases
- Microsoft SQL
- Oracle
- DB2
- PostgresQL
Big Data
- Hadoop
Security Audit Log Event Messages
The following table contains a complete list of security audit log event messages that DDC prints in the log file.
Message | Explanation |
---|---|
DDCScanClientInvalidCredentialsProbe | A probe with invalid credentials. |
DDCScanClientUnexpectedErrorProbe | An unknown probe error. |
DDCPhoenixBackgroundProcessAuthenticationError | A failed authentication against PQS in |
DDCPhoenixUpdatePQSSettingsAuthenticationError | A failed authentication against PQS updating |
DDCHDFSUpdateHDFSettingsAuthenticationError | A failed authentication against HDFS updating HDFS |
DDCHDFSBackgroundProcessAuthenticationError | A failed authentication against HDFS in background |
DDCUnauthorizedCloneRequest | An unauthorized CLONE request. |
DDCUnauthorizedGetRequest | An unauthorized GET request. |
DDCUnauthorizedListRequest | An unauthorized LIST request. |
DDCUnauthorizedListPaginatedRequestWithContext | An unauthorized LIST PAGINATED request with |
DDCUnauthorizedCreateRequest | An unauthorized CREATE request. |
DDCUnauthorizedUpdateRequest | An unauthorized UPDATE request. |
DDCUnauthorizedListProvisionedRequest | An unauthorized LIST PROVISIONED request. |
DDCUnauthorizedGetProvisionedRequest | An unauthorized GET PROVISIONED request. |
DDCUnauthorizedGetActiveNodeRequest | An unauthorized GET ACTIVE NODE request. |
DDCUnauthorizedTestConnectivityRequest | An unauthorized TEST CONNECTIVITY request. |
DDCUnauthorizedGetLicenseRequest | An unauthorized GET LICENSE request. |
DDCUnauthorizedDecryptRawDataFileRequest | An unauthorized DECRYPT RAW DATA FILE request. |
DDCUnauthorizedGetDatastoreReportRequest | An unauthorized GET DATASTORE REPORT request. |
DDCUnauthorizedFindScanRequest | An unauthorized FIND SCAN request. |
DDCUnauthorizedScanActionRequest | An unauthorized SCAN ACTION request. |
DDCPQSUnaccessibleGetSummaryReportError | An inaccessible PQS in GET SUMMARY REPORT request. |
DDCPQSUnaccessibleGetDatastoreDetailReportError | An inaccessible PQS in GET DATASTORE DETAIL |
DDCPQSUnaccessibleGetDataObjectsDetailsReportError | An inaccessible PQS in GET DATAOBJECTS |
DDCPQSUnaccessibleGetInfotypesSummaryReportError | An inaccessible PQS in GET INFOTYPES SUMMARY |
DDCPQSUnaccessibleGetDataObjectsSummaryReportError | An inaccessible PQS in GET DATAOBJECTS |
DDCPQSUnaccessibleGetScanDetailsReportError | An inaccessible PQS in GET SCAN DETAILS REPORT |
DDCPQSUnaccessibleCreateReportTemplateError | An inaccessible PQS in CREATE REPORT TEMPLATE |
DDCPQSUnaccessibleGetReportTemplateError | An inaccessible PQS in GET REPORT TEMPLATE request. |
DDCPQSUnaccessibleFindReportTemplatesError | An inaccessible PQS in FIND REPORT TEMPLATE |
DDCPQSUnaccessibleUpdateReportTemplateError | An inaccessible PQS in UPDATE REPORT TEMPLATE |
DDCPQSUnaccessibleGetScanExecutionsError | An inaccessible PQS in GET SCAN EXECUTIONS request. |
DDCResourceRetrievalGenericCloneError | A GENERIC CLONE request. |
DDCResourceRetrievalGenericGetError | A GENERIC GET request. |
DDCResourceRetrievalGenericListError | A GENERIC GET request. |
DDCResourceRetrievalGenericListPaginatedRequestError | A GENERIC LIST PAGINATED request. |
DDCResourceRetrievalGenericCreateError | A GENERIC CREATE request. |
DDCResourceRetrievalGenericUpdateError | A GENERIC UPDATE request. |
DDCResourceRetrievalGenericListProvisionError | A GENERIC LIST PROVISION request. |
DDCDatastoreDecryptDataEncryptionKeyNotFoundError | A GET KEY request. |
DDCDatastoreEncryptDataError | An ENCRYPT DATA request. |
DDCScanWatcherInterruptedTimeout | An INTERRUPTED TIMEOUT request. |
DDCScanClientRetrieveScanTimeout | A RETRIEVE SCAN TIMEOUT request. |
DDCScanActionRequest | A SCAN ACTION request. |
DDCDatastoreUpdateRequest | A DATASTORE UPDATE request. |
DDCDatastoreCreateRequest | A DATASTORE CREATE request. |
DDCScanDeleteRequest | A SCAN DELETE request. |
DDCSummaryReportGetRequest | A GET SUMMARY REPORT request. |
DDCDatastoreDetailReportGetRequest | A GET DATASTORE DETAILS REPORT request. |
DDCDataObjectsDetailReportGetRequest | A GET DATASTORE DETAILS REPORT request. |
DDCInfotypesSummaryReportGetRequest | A GET INFOTYPES SUMMARY REPORT request. |
DDCDataObjectsSummaryReportGetRequest | A GET DATAOBJECTS SUMMARY REPORT request. |
DDCScanDetailsReportGetRequest | A GET SCAN DETAILS REPORT request. |
Configuration Backup
You can back up and restore the DDC configuration by using the Backup/Restore functionality available in CipherTrust Manager. Such a backup will include the following elements:
Data Stores
Branch Locations
Classification Profiles
Infotypes
Report definitions
This backup will not include the information about the scan executions.
Creating/Restoring the Configuration Backup
To create or restore a backup of your DDC configuration:
Log in to CipherTrust Manager.
Click the Admin Settings link on the dashboard.
Select Backups from the sidebar on the left. This will display the Backups screen.
To create a backup of your DDC configuration, click the Create Backup button.
To restore your DDC configuration from a backup, click the Upload Backup button.
For more details refer to these sections of the CipherTrust Manager documentation:
Configuration Backup Limitations
The configuration backup references the DDC Active Node. Restoring the backup to a different CipherTrust Manager cluster leaves DDC referencing an invalid node, and therefore without any valid active node.
The configuration backup contains the definition of the DDC resources (such as the Scan or Data Store definitions). Restoring from a backup that does not contain a certain resource (for example, a Custom Classification Profile) or a resource version after a scan had been completed causes a TDP scan execution data to point to an invalid resource identifier.
If you generate a report that points to the missing resource you may display incomplete data (such as not being able to display the resource name) and/or fail.
Creating/Restoring Backup of Scan Executions
To back up or restore the your Data Discovery and Classification scan executions data you need to access the DDC data stored in Hadoop. For details, refer to the Thales Data Platform Hadoop Backup section in the Thales Data Platform Administrator Guide.