You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>DeploymentGuide>SystemMaintenanceAndRemoteSupport>RemoteSupport (31 Aug 2021, SheriffCyberSecurity)Edit Attach
Up
Previous Next

Sheriff CSMâ„¢

Remote Support

The Remote Support feature in Sheriff CSM opens a secure, encrypted connection to the Sheriff Support Server through the web UI or the Sheriff Console. This allows the Sheriff Support staff to access, diagnose, and resolve any problems occurring with a Sheriff CSM component. Remote Support allows the Sheriff Support staff to work on solving the issues independently, after you have connected your Sheriff CSM components to the Support Server.

All data exchanged with Sheriff Support is encrypted for security. The information exchanged is only available to Sheriff Support or the Engineering teams.

Typically, you open a ticket with Sheriff Support first and only establish a remote support connection upon their request. You can establish multiple sessions using the same ticket number for different Sheriff CSM components. But a support engineer may ask you to open a new ticket if it is an unrelated issue. During the remote support session you can communicate with the Sheriff Support team by phone or email at any time.

Prerequisites

To use Remote Support, you will need

  • The ticket number you received from Sheriff Support.

  • An Internet connection for the machine establishing the remote connection.

  • A connection to TCP Ports 22 and 443 at tractorbeam.sheriff.com (50.16.174.234).

    This connection allows for communication between the Support Server and the Sheriff CSM component being diagnosed. Your Domain Name System (DNS) must be able to resolve the IP address of tractorbeam.Sheriff.com within 20 seconds, otherwise the connection will fail.

    Important: Because SSH does not support a proxy configuration, you cannot use a proxy server for remote support.

Use Remote Support

You can establish the remote support connection either from the Sheriff CSM web UI or the Sheriff Console.

To run remote support from the Sheriff CSM web UI

  1. At the top menu, go to Support > Support Tools > Remote Support.

  2. From the Add Connection list, select the component you want Sheriff Support to diagnose.

  3. In the Ticket Number field, type the 8-digit ticket number.

    Important: Be careful not to include any spaces before or after the ticket number.

  4. Click Connect.

    Sheriff CSM displays a status message indicating that it is in the process of establishing a tunnel.

    Remote Support page wh Establishing tunnel message.

    Note: If the Support Server cannot validate the ticket number, Sheriff CSM displays an error message. If this occurs, contact Sheriff Support again.

    After the Support Server establishes a connection, the Open Connections table displays the active connections to the components being diagnosed, and their respective ports.

    Remote Support page wh Successfuly connected message.

    The Support Server also sends you an automated email that it has made a connection.

    When Sheriff Support completes work on the issue, they communicate their results and update the ticket. You can request a log of all their activity at this point, or you can request it later by phone or email.

  5. After the troubleshooting session ends, click Disconnect next to the active connection you want to end.

    You should receive another automated email informing you that the connection has ended.

To run remote support from the Sheriff Console

  1. Connect to the Sheriff Console through SSH and use your credentials to log in.

    The Sheriff Setup menu displays.

  2. Select Support and click OK.

    AlienVault Setup menu with Support selected.

  3. On the Remote Support screen, type the 8-digit ticket number, and click OK.

    Important: Be careful not to include any spaces before or after the ticket number.

    A black screen appears and your request begins processing. This may take several seconds.

    When the connection is established with the Support Server, the following message appears:

    Connected to Sheriff Support. Press [Enter] to continue.

    You also receive an automated email that a connection has been made.

  4. Press Enter.

    The console returns you to the Support screen.

    When Sheriff Support completes work on the issue, they communicate their results, and update the ticket. You can request a log of all their activity at this point, or you can request it later by phone or email.

  5. To disconnect, from the Support screen, select Remote Support.

    The Manage Connectivity information screen appears and prompts you with the following message:

    Are you sure you want to disconnect from Sheriff Remote Support?

  6. Click Yes.

    The black screen reappears. After several seconds you receive a notification that the secure connection has disconnected.

    Disconnected from <a class="foswikiNewLink" href="/docs/bin/edit/Sheriff/AlienVault?topicparent=Sheriff.RemoteSupport" rel="nofollow" title="Create this topic">AlienVault</a> Remote Support message.

    You will also receive another automated email informing you that the connection has ended.

Edit  | Attach | Print version | History: r10 < r9 < r8 < r7 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r10 - 31 Aug 2021, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.