Security from Malicious URL in Portal

04-21-2021 09:28 AM
Sunnywaygis
New Contributor III

Hi, I am looking for some feedback on the security aspect of Portal in a case where a user has unknowingly added a malicious service URL (publicly available external service) in a webmap. Is there any documentation on how Portal handles this?

Appreciate your feedback

Thanks

  

0 Kudos
5 Replies
Todd_Metzler
Occasional Contributor III

Have you gone to the ArcGIS Trust Center?

0 Kudos
Sunnywaygis
New Contributor III

Thanks, Todd, for sharing this link. I noticed the link for ArcGIS Security Advisor, and it seems like this might provide some answers that I am looking for. I tried ArcGIS Security Advisor for our Enterprise, following the instructions below, but I am getting a 400 error. As per the note on the website, this utility was built by ESRI but is not supported. I am not sure if anyone else has had this issue and has any suggestions.

Thanks


Sunnywaygis_0-1619119014579.png

To log in to ArcGIS Enterprise, you first need to register ArcGIS Security Advisor as an application in your Enterprise portal. This will generate an AppID that can identify this app as an approved client of the Enterprise portal. To register this app, follow the instructions here, using Application as the Type of App and the URL of the current page (https://s3.amazonaws.com/ago-security-advisor) as the Redirect URI.  

 

0 Kudos
Todd_Metzler
Occasional Contributor III

Check Settings > Application > Data Source > Update:

Application
Data Source
URL https://s3.amazonaws.com/ago-security-advisor

App Registration

App ID:
YourGeneratedAppId
App Secret:
Show Secret
App Type:
Multiple
Redirect URI's:
urn:ietf:wg:oauth:2.0:oob, https://s3.amazonaws.com/ago-security-advisor

0 Kudos
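
When an OAuth sign-in like the one above is rejected, one thing worth checking is whether the `redirect_uri` the app sends matches a registered Redirect URI character for character. The following is an added example, not part of the original thread or of Esri's tooling: it pulls `redirect_uri` out of an authorize URL and reports how it differs from the values registered above. The host `portal.example.com`, the sample URLs and the exact-string comparison are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Redirect URIs exactly as registered in the App Registration settings above.
REGISTERED = [
    "urn:ietf:wg:oauth:2.0:oob",
    "https://s3.amazonaws.com/ago-security-advisor",
]

def explain_mismatch(sent, registered):
    """List how `sent` differs from each registered http(s) redirect URI."""
    s = urlsplit(sent)
    notes = []
    for reg in registered:
        r = urlsplit(reg)
        if r.scheme not in ("http", "https"):
            continue  # urn:... entries have no host or path to compare
        if s.scheme != r.scheme:
            notes.append(f"{reg}: scheme differs ({s.scheme} vs {r.scheme})")
        if s.hostname != r.hostname:
            notes.append(f"{reg}: host differs ({s.hostname} vs {r.hostname})")
        if s.path != r.path:
            if s.path.rstrip("/") == r.path.rstrip("/"):
                notes.append(f"{reg}: path differs only by a trailing slash")
            else:
                notes.append(f"{reg}: path differs ({s.path} vs {r.path})")
        if s.query or s.fragment:
            notes.append(f"{reg}: sent URI carries a query or fragment")
    return notes

def check_authorize_url(url, registered=REGISTERED):
    """Return (ok, notes) for the redirect_uri inside an OAuth authorize URL."""
    sent = parse_qs(urlsplit(url).query).get("redirect_uri", [""])[0]
    if not sent:
        return False, ["redirect_uri parameter is missing"]
    if sent in registered:  # assumption: the portal compares exact strings
        return True, []
    return False, explain_mismatch(sent, registered) or ["no registered URI matches"]

# Constructed authorize URLs; portal.example.com is a placeholder host.
BASE = ("https://portal.example.com/portal/sharing/rest/oauth2/authorize"
        "?client_id=YourGeneratedAppId&response_type=token&redirect_uri=")
GOOD = BASE + "https%3A%2F%2Fs3.amazonaws.com%2Fago-security-advisor"
SLASH = GOOD + "%2F"
PLAIN_HTTP = BASE + "http%3A%2F%2Fs3.amazonaws.com%2Fago-security-advisor"

if __name__ == "__main__":
    for url in (GOOD, SLASH, PLAIN_HTTP):
        print(check_authorize_url(url))
```

The authorize URL to check can be copied from the browser's address bar or network tab at the moment the 400 response appears.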
Sunnywaygis
New Contributor III

Hi Todd, I was able to connect using these settings, Thanks

0 Kudos
Todd_Metzler
Occasional Contributor III

Glad that worked for you. Additional thought: Have you run portalScan and serverScan? These are in the tools folders at your Portal and Server installed location.

Here's the default location on a Windows server

ToddMetzler_0-1619171337043.png

 

ToddMetzler_1-1619171396514.png

 

Todd

0 Kudos