Prevent unauthorized access to systems

Cyberattacks and other forms of unauthorized access pose a constant threat to IT systems. Fortunately, many tools are available to counter these threats and shield your infrastructure.

Authenticate users and devices

Authentication is the process of verifying the identity of a user, device, or other entity before granting access to a system, application, or network. Common authentication methods include passwords, biometrics, multifactor authentication (MFA), and digital certificates.

For the JRebel plugin used in an Integrated Development Environment (IDE) and for the JRebel standalone application, you can verify the identity of a user by using one of three activation processes:

  • If the user is a developer on a team using JRebel, the administrator can provide a group URL from the license management team account. This URL consists of the license server address and a unique key. In the IDE, users enter the group URL and their email address and click Activate JRebel.

  • The Perforce team can provide a license file by sending an email. The user downloads the license file to the local hard drive.

  • A user can request a trial license through the IDE or the Perforce website by providing an email address. The user must later confirm the email address.

The Rebel License service collects some personally identifiable information (PII), such as the email addresses of the license holders and Rebel license users. In addition, license allocation and usage metrics for JRebel and XRebel licenses are collected. When exporting licenses for offline and on-premises use, the first and last names of the license users are also stored. You can define who has administrative or view-only access to this PII data. For more information, see Administrators.

Grant access and permissions

The process of granting access rights and permissions is designed to ensure that only authorized users, user groups, devices, and other entities can access a system, application, or network. Commonly used authorization mechanisms include role-based access control (RBAC), attribute-based access control (ABAC), and access control lists (ACLs).

When you use JRebel as a standalone application in your environment, its usage is restricted to the people who have access to the system.

The JRebel for Cloud license server supports RBAC with two roles: View only and Administrator. For instructions about specifying roles, see Administrators.

You can also configure single sign-on (SSO) for your organization, as described in Organization settings.

Implement logging

Logging can be implemented to gather operational and security data for a system, identify performance and security issues, and minimize the risk of data breaches. Log files can be encrypted, and access can be restricted to comply with data protection and privacy regulations.

With JRebel, you can implement logging to help protect your system and its data. JRebel is installed locally, and logging information is collected in the application folder. For more information about logging, see Agent settings.

The JRebel for Cloud license server uses the Amazon Web Services Kibana tool for logging.