Anonymize Reports in Dimension

To replace user names, IP addresses, host names, and mobile device names that appear in reports and dashboards with anonymized placeholder text, you can enable Anonymized Mode in your Dimension server settings. When users log in to Dimension while Anonymized Mode is enabled, log messages and detail reports are not available. Instead, users only see a restricted view of the pages that their assigned user roles allow them to see. This applies to all users, even users with Super Administrator privileges.

Anonymized placeholder text uses a standard pattern for each data type, is randomly generated, and is different for each user session. Placeholder text includes a randomly generated sequence of letters and numbers, and begins with these prefixes:

  • USER
  • DEVICE
  • HOST
  • IP-ADDRESS

When Anonymized Mode is enabled, a user with the Anonymization Officer role can log in to Dimension as a secondary user for a current user session and temporarily disable Anonymized Mode for only that session. When Anonymized Mode is temporarily disabled, the current user can see the data that was anonymized. When the current user logs out and logs in again, Anonymized Mode is enabled again.

After you enable Anonymized Mode and save your settings, make sure to add a user account with Anonymization Officer privileges.

Enable Anonymized Mode

When you enable and configure the settings for Anonymized Mode, you can optionally specify the title and text of the message the Anonymization Officer sees in the login dialog box. Dimension already includes explanatory text for the login dialog box, but you can replace this text with a different message, or add instructions to the current text to provide more information to your Anonymization Officer or to meet the requirements of your company.

To enable Anonymized Mode:

  1. Select > Administration > Administration > Server Management.
    The Server Management pages appear with the Status tab selected.
  2. Select the Configuration tab.
    The Configuration pages appear with the General tab selected.
  3. Select the Visibility tab.

Screen shot of the Visibility page

  1. To unlock the configuration so you can make changes, click the Locked icon.
    For more information about how to unlock and lock the Dimension configuration, see Lock and Unlock the Dimension Configuration.
  2. Select the Enable Anonymized Mode check box.
    The Message Title and Message Text text boxes are enabled.
  3. (Optional) In the Message Title text box, type a new title for the login dialog box.
  4. (Optional) In the Message Text text box, type the new message text to include in the login dialog box.
    You can keep the current text and add your own text to it, or you can replace the text with your own message.

After you enable Anonymized Mode, when you log out and log in again, your user session is in Anonymized Mode and appears in the Dimension top navigation bar.

Screen shot of the Dimension top navigation bar with Anonymized Mode enabled

Anonymized Mode is enabled for all future user sessions.

When Dimension is in Anonymized Mode, users see a restricted view of the content that their user credentials allow them to see. For example, if a user with only the View All Logs role logs in while Anonymized Mode is enabled, that user will see the Devices and Groups tabs (but will not be able to select a device or group to see more information), and a message that the content the user has privileges to view is not available in Anonymized Mode. When the Anonymization Officer logs in during the session of the user with the View All Logs role to temporarily disable Anonymized Mode, the View All Logs user will be able to select a device or group and review the log messages.

Add an Anonymization Officer User Account

Before you can temporarily disable Anonymized Mode so you can see the data that has been anonymized, you must add a user account with the Anonymization Officer role.

You can only add an Anonymization Officer user account after you have enabled Anonymized Mode.

You can add a new user account with the Anonymization Officer role, or apply the Anonymization Officer role to a local user account that already exists in the Manage Users and Groups list. You can assign the Anonymization Officer role to a user account with only that role, or to a user account that is also assigned other roles. You can also enable the Anonymization Officer to temporarily disable Anonymized Mode for all devices, or only for certain devices. By default, the Super Administrator role also has Anonymization Officer privileges.

To add a new user account with the Anonymization Officer role:

  1. Select > Administration > Administration > Access Management.
    The Access Management page appears, with the Users & Groups page selected.
  2. To unlock the configuration so you can make changes, click the Locked icon.
    For more information about how to unlock and lock the Dimension configuration, see Lock and Unlock the Dimension Configuration.
  3. Click Add.
    The Add User or Group dialog box appears.
  4. From the Type drop-down list, select Local User.
  5. In the Name text box, type the name for the Anonymization Officer user account.
  6. In the Password and Confirm Password text boxes, type the password to assign to the Anonymization Officer user account.
  7. Adjacent to Role(s) list, click the Add icon and select Anonymization Officer.
  8. From the Devices drop-down list, select an option:
    • All devices
    • Specify devices — Click the Add button and select the devices.
  9. Click Save.
    The new user appears in the Manage Users and Groups list.

For more information about how to add a user account, see Manage Users and Groups.

Content Restrictions in Anonymized Mode

In Anonymized Mode, only these Dashboard pages are available:

  • Executive Dashboard
  • Security Dashboard
  • Subscription Services
  • ThreatMap
  • FireWatch
  • AP Devices
  • Mobile Devices

Here are a few examples of how anonymized data appears in some of the Dashboard pages when Dimension is in Anonymized Mode.

Example of the Executive Dashboard in Anonymized Mode

 

Example of the Security Dashboard in Anonymized Mode

 

Screen shot of the Threat Map Dashboard page, Unknown list in Anonymized Mode

Example of the ThreatMap Dashboard page in Anonymized Mode

 

Example of the FireWatch Dashboard page in Anonymized Mode

 

Screen shot of the Mobile Devices Dashboard page in Anonymized Mode

Example of the Mobile Devices Dashboard page in Anonymized Mode

 

 

You can also only view Summary reports when Anonymized Mode is enabled. Client reports and Detail reports are not available, and the View Details links are removed from Summary reports.

Other pages with anonymized content that are available in Anonymized Mode include:

  • Tools > Device Summary
  • Home > Devices
  • Home > Groups
  • Home > VPNs

The Home > Servers page is not available in Anonymized Mode.

In Anonymized Mode, Server reports, Compliance reports, and Detail reports cannot be included in a report schedule. Before these reports can be scheduled, Anonymized Mode must be disabled in the Visibility settings; they cannot be included in a schedule when the Anonymization Officer logs in to temporarily disable Anonymized Mode. If you have included these reports in a schedule before Anonymized Mode is enabled in the Visibility settings, when Anonymized Mode is enabled, these reports are not included in the scheduled report output.

Temporarily Disable Anonymized Mode

To temporarily disable Anonymized Mode so that the user who is currently logged in to Dimension can see the user names, IP addresses, host names, and mobile device names that appear in Dashboard pages and reports, a user with Anonymization Officer credentials can log in to Dimension during the current user session. When the Anonymization Officer logs in, the placeholder text is replaced with the real data that was anonymized.

To temporarily disable Anonymized Mode:

  1. In the Dimension top navigation bar, click .

    The Disable Anonymized Mode dialog box appears. Tip!If you changed the the text in the Message Title text box when you enabled Anonymized Mode, the title of the dialog box will be the Message Title text that you specified.

Screen shot of the Disable Anonymized Mode dialog box

  1. In the User Name and Passphrase text boxes, type the credentials for a user account with Anonymization Officer credentials.
  2. Click OK.
    Anonymized data in Dimension is temporarily available and is removed from the top navigation bar.

When the user logs out and logs in again, Anonymized Mode is enabled again for that user and appears again in the top navigation bar.

See Also

Configure the Visibility Settings

Manage Users and Groups

Dimension Server Management

About the Home Pages

Give Us Feedback     Get Support     All Product Documentation     Technical Search