Configuration Guide

This guide provides instructions for various Keep configuration tasks.

Authentication

Single sign-on (SSO) — To simplify the Keep authentication process for users and third-party applications, you can use Keep’s single sign-on (SSO) capability.

Configure Keep to use LDAP — Keep can be configured to use the Windows Active Directory to obtain user login credentials and allocate group access. Once LDAP is set up correctly, all user management can be done outside Keep. As a result, users can use their Windows login to access Keep (if they are in the relevant Active Directory groups).

Note

SSO and LDAP documentation for Lasernet Keep will be published when it is available.

Encryption

Switch Keep Between HTTP and HTTPS — To help improve security, HTTPS support is enabled by default when installing Keep, and you can provide custom HTTPS certificates for the server to use.  As a result, HTTPS support is ready with minimal configuration required. However, HTTP connectivity is also enabled. We recommend that you disable or restrict access to Keep via HTTP as soon as possible. To help you do this, we have provided a command-line tool that can modify the application configuration.

Configure Document Encryption for Keep — Keep has application-level encryption for documents; specifically, the ability to encrypt files that are stored in the archive. This feature adds an additional layer of security to help protect against unauthorised access or processing of sensitive data.

General Configuration Information

Set Configuration Flag Values in node.properties — This page explains how to set configuration flag values in the node.properties Keep configuration file. Configuration flags enable you to configure important Keep system settings and vary the behavior of various Keep functions.

Clustering

Keep Clustering — Introduces Keep’s clustering capability.