Novell® Access Manager 3.1 SP2 Beta 1 Scenarios

December 21, 2009

The following scenarios have been designed to introduce you to the new features in Access Manager 3.1 SP2.

- Section 1, "Linux Access Gateway Appliance Scenarios," on page 1
- Section 2, "Timeout Per Protected Resource Scenarios," on page 5
- Section 3, "Access Gateway Service Scenarios," on page 10
- Section 4, "SSL VPN Server Scenarios," on page 11

1  Linux Access Gateway Appliance Scenarios

- Section 1.1, "Installing the SLES 11 Version," on page 1
- Section 1.2, "Upgrading the Linux Access Gateway Appliance," on page 2
- Section 1.3, "Migrating a SLES 9 Access Gateway to SLES 11," on page 3
- Section 1.4, "Configuring Timeout Per Protected Resource," on page 5

1.1  Installing the SLES 11 Version

This beta scenario introduces you to the new Access Gateway Appliance, which is built on SUSE® Linux Enterprise Server (SLES 11). The SLES 11 version of the Access Gateway Appliance supports newer hardware, and SLES 11 is a supported operating system that receives security updates.

The previous version of the Access Gateway Appliance is built on SLES 9 SP3. SLES 9 is no longer a supported operating system and does not run on the latest hardware.

1.1.1  Assumptions

You need an installed 3.1 SP2 version of the Administration Console and Identity Server. For installation information, see the Access Manager Installation Guide (http://www.novell.com/documentation/beta/novellaccessmanager31/installation/data/bookinfo.html).

1.1.2  Known Issues

- Bug 554518 - Network mode of installation through TFTP is not supported.
- Bug 560278 - Installation: There is no provision to return to the configuration screen to make changes.
- Bug 559398 - The network gateway address is removed when the network interface is restarted.
- Bug 558698 - The Linux Access Gateway SLES 11 appliance installation summary screen does not display SSL VPN, even if the Install and Enable SSL VPN option is selected. Also, the installation does not perform a password strength check.
