Vasco IDENTIKEY AG-3 Series Скачать руководство пользователя страница 51 | Manualshive

Страница: 51 / 54

background image

aXsGUARD Gatekeeper Installation Guide v2.7

aXsGUARD Gatekeeper Security Concepts

11.5

Computers and Servers

Caution

A security policy without user authentication is not as secure as a policy with user
authentication. Without user authentication, anyone with physical access to a computer in
your network can (ab)use the Web access and firewall policies which are assigned to it (i.e.
abuse your public IP address).

Even if user- and group specific policies have been configured for Web and firewall access,
they cannot be applied without user authentication; system or computer level policies are
applied instead.

VASCO strongly recommends application of Policies with user authentication, rather than
Computer registration.

Computers from which users authenticate do not need to be registered on the aXsGUARD Gatekeeper.

Registering a computer on the aXsGUARD Gatekeeper allows a policy to be applied to the computer. An
unauthenticated user on a registered computer is assigned computer-level Web access and firewall policies,
based the computer's IP address.

Servers are dedicated computers which handle requests for data, e-mail, file transfers and other network
services coming from other computer or hosts in a network. Server configuration for the aXsGUARD Gatekeeper
varies according to whether you are using the appliance as a gateway with firewall or exclusively as an
authentication appliance on your LAN.

If you are using the aXsGUARD Gatekeeper as a gateway, firewall and Web access policies need to be
configured to allow servers to access specific services in another network, on the aXsGUARD Gatekeeper or on
the Internet, for instance a Microsoft updates server on the Internet.

If you are using the aXsGUARD Gatekeeper exclusively for authentication on your LAN, a server record needs to
be registered for each server in your network which needs to use the RADIUS server on the aXsGUARD
Gatekeeper.

©

August 2010 - VASCO Data Security

51

«
...
49
50
51
52
53
...
»

Содержание IDENTIKEY AG-3 Series

Страница 1: ...aXsGUARD Gatekeeper Installation Guide...

Страница 2: ...UIRES LIABILITY DESPITE THE FOREGOING EXCLUSIONS AND LIMITATIONS Intellectual Property and Copyright VASCO Products contain proprietary and confidential information VASCO Data Security Inc and or VASC...

Страница 3: ...ng on the aXsGUARD Gatekeeper 14 4 3 Connecting to your Network 16 4 4 Workstation TCP IP Settings 16 5 Installation steps an overview 18 6 Logging into the Administrator Tool 19 7 Changing the sysadm...

Страница 4: ...ontent Scanning and E mail Server Features Active 45 9 8 2 Content Scanning Feature Active E mail Server Feature Inactive 47 9 8 3 Content Scanning and E mail Server Features both Inactive 48 10 What...

Страница 5: ...nistrator Password 21 Image 14 Changing the System Administrator Password Password entry 21 Image 15 Downloading the System Info file 22 Image 16 VASCO s Product Registration Website 23 Image 17 VASCO...

Страница 6: ...figuration IP Settings 43 Image 39 Network General 44 Image 40 E mail Domains Add New with SMTP and E mail Server Features 46 Image 41 E mail Domain Add New SMTP Only 47 Image 42 E mail General SMTP a...

Страница 7: ...eper Installation Guide v2 7 Table of Contents Index of Tables Table 1 System General Fields 37 Table 2 Network Devices Eth eth0 Fields 39 Table 3 Network Devices Eth eth1 Fields 42 August 2010 VASCO...

Страница 8: ...ur Local Area Network please refer to the aXsGUARD Gatekeeper Authentication Quick Install guide In sections 1 2 and 1 3 we introduce the aXsGUARD Gatekeeper and VASCO In section 2 we provide safety a...

Страница 9: ...tation include The aXsGUARD Gatekeeper System Administration How To guide which provides detailed information about configuration using the Administrator Tool How To guides which provide detailed info...

Страница 10: ...ed by security policies which implement a combination of rules for example whether a user must use a DIGIPASS One Time Password in combination with a static password for authentication Rules can be fu...

Страница 11: ...o a socket which is properly grounded Before disconnecting the power supply turn the system off Use the exact type of network cable recommended to conform to certification restrictions only use a netw...

Страница 12: ...d Power Supply If the equipment is built into a server cupboard make sure there is sufficient ventilation Environmental requirements are Operating Temperature Range 10 to 35 degrees Celsius 50 to 95 d...

Страница 13: ...address in your network the Default Gateway setting in your network DNS Server IP address es for your network DNS Suffix es optional the Maintenance Reference provided by VASCO for licensing your app...

Страница 14: ...ion you need for installation listed in section 3 4 2 Powering on the aXsGUARD Gatekeeper Powering the aXsGUARD Gatekeeper on requires the following four steps 1 Connect the eth0 interface to the netw...

Страница 15: ...15 Image 5 Example Stickers Labeling Interfaces on the aXsGUARD Gatekeeper AG 3XX4 Image 6 Example Stickers Labeling Interfaces on the aXsGUARD Gatekeeper AG 5XX6 Image 4 Example Stickers Labeling In...

Страница 16: ...llation of the aXsGUARD Gatekeeper requires temporarily isolating a client workstation from the network and linking it to the aXsGUARD Gatekeeper This involves changing a client workstation IP address...

Страница 17: ...see above check that the network cable is in good working order and correctly plugged into the device labeled eth0 on the aXsGUARD Gatekeeper and your network hub or switch see section 4 2 Once the wo...

Страница 18: ...onfigure a spare unit please refer to the aXsGUARD Gatekeeper Replacement How To With a licensed appliance configurations for all purchased options are possible for a user with full administration rig...

Страница 19: ...68 250 254 82 Note 1 Remember to include the port number 82 after the IP address or the connection will fail 2 If the aXsGUARD Gatekeeper is configured as the browser s proxy tool may be used rather t...

Страница 20: ...tem administrator s Username and Password use lower case only Username sysadmin Password sysadmin Press Enter or click on Log in see image above to proceed The screen below displays August 2010 VASCO...

Страница 21: ...confirm the System Administrator Password fields shown in the image below The password should consist of at least 6 characters some of which are digits For more information on secure passwords please...

Страница 22: ...using the System Info file Maintenance Reference for a commercial license only Serial Number for a commercial license only details of your organization 3 Uploading the License file to the aXsGUARD Gat...

Страница 23: ...nloaded a commercial License file which remains valid indefinitely this is explained in section 8 3 1 an evaluation License file which is only valid for 30 days this is described in section 8 3 2 8 3...

Страница 24: ...u may be asked to complete a form providing details before proceeding with registration In this case after completion and submission of the form an email will be sent to you with a link for validation...

Страница 25: ...browse to the System Info file downloaded in section 8 2 7 Click on Next to continue 8 Right click to download and save the License file see image below August 2010 VASCO Data Security 25 Image 19 Upl...

Страница 26: ...ile to be issued you need to 1 Browse to VASCO s Registration website https sc vasco com registration see image below Select Click here for an evaluation license see image below 2 Select Gatekeeper re...

Страница 27: ...E see image below 4 Enter the names of a contact and of your organization and optionally a description see image below 5 Enter or Browse to the System Info file downloaded in section 8 2 6 In the Comp...

Страница 28: ...tallation Guide v2 7 Licensing 8 Right click to download and save the evaluation License file see image below August 2010 VASCO Data Security 28 Image 24 Uploading the System Info file Image 25 Downlo...

Страница 29: ...ence Import 3 Enter or browse to the License file see image below Click on Update 4 Successful License importation is confirmed see image below Note After successful Licensing the User sysadmin will o...

Страница 30: ...changed as soon as you log on otherwise the appliance can be accessed by non authorized users see section 7 The sysadmin user see section 5 has limited access This default user can only modify some g...

Страница 31: ...Documentation button in the Administrator Tool 6 Under the aXsGUARD Gatekeeper Administration tab select Full Administration see image above 7 Click on Update Save 8 Log off and log on with the newly...

Страница 32: ...aXsGUARD Gatekeeper Installation Guide v2 7 aXsGUARD Gatekeeper Configuration August 2010 VASCO Data Security 32 Image 29 Configuration possibilities with full administrator rights...

Страница 33: ...nted see image below The Customer Information screen continues to display on logon until the information has been entered and submitted by clicking on Update Customer information is sent to VASCO back...

Страница 34: ...eld The Dealer contact tab is then displayed for data entry 3 If you prefer not to receive any mailings from VASCO uncheck the checkbox shown on the above screen to specify which information to receiv...

Страница 35: ...the sub menu is collapsed also displays the sub menu Some menu items such as Computers do not have sub menus Clicking on the minus sign closes collapses the sub menu of the selected item Clicking on t...

Страница 36: ...curity It should be changed as soon as you log on otherwise the appliance could be accessed by non authorized users 2 The Domain Name is not necessarily the Windows Domain Name see also the Domain Nam...

Страница 37: ...ver and is used whenever the aXsGUARD Gatekeeper sends an e mail to the administrator or the outside world For more information on the aXsGUARD Gatekeeper DNS please refer to the document aXsGUARD Gat...

Страница 38: ...fault secure LAN device is shown in section 4 2 9 6 1 Setting up the Ethernet Secure LAN Device To set up the Ethernet Secure LAN Device 1 Navigate to Network Devices Eth 2 Click on eth0 secure LAN Th...

Страница 39: ...by the aXsGUARD Gatekeeper firewall DMZ An insecure zone in your company with official or non official IP addresses This is where you would place any servers you wish to be accessible from the Interne...

Страница 40: ...ot relevant to your setup If your aXsGUARD Gatekeeper acts as a gateway between your LAN and the Internet configuring the Internet device as instructed in this section is essential To set up the Ether...

Страница 41: ...om hackers by the aXsGUARD Gatekeeper firewall DMZ An insecure zone in your company with official or non official IP addresses This is where you would place any servers you wish to be accessible from...

Страница 42: ...GUARD Gatekeeper as a gateway to the Internet the Domain Name Server DNS to be entered here is the the name provided by your Internet Service Provider ISP If necessary contact your ISP for the correct...

Страница 43: ...Gatekeeper e mail system to operate More information on these settings is available in the documentation about e mail concepts which can be accessed by clicking on the Documentation button in the aXsG...

Страница 44: ...g a Microsoft Exchange Server To configure this setup 1 Navigate to E mail Domains and click on Add New see image 41 2 Enter the system domain as entered under System General see section 9 5 3 Enter...

Страница 45: ...cenario allows system e mails to be transmitted to another system in the secure LAN or to the ISP SMTP relay server if no mail system is available in the secure LAN without aXsGUARD Gatekeeper interve...

Страница 46: ...tation button in the Administrator Tool For more information on the above tasks please refer to the document aXsGUARD Gatekeeper System Administration How To This document also explains the structure...

Страница 47: ...s etc Configurations vary therefore depending on the features enabled with your appliance see section 1 2 11 2 Security Policies and Levels Caution The aXsGUARD Gatekeeper system wide policy system le...

Страница 48: ...ned at different levels please refer to the aXsGUARD Gatekeeper System Administrator How To the aXsGUARD Gatekeeper Authentication How To and the feature specific How To guides These documents are all...

Страница 49: ...ess of application e g from everybody to a specific user and restrictive powers from very restrictive to less restrictive Restrictions are high for a large number of people but can be reduced for a si...

Страница 50: ...which allows users to send and receive all e mails except those with dangerous executable attachments or those which are identified as spam If the aXsGUARD Gatekeeper spam detection system identifies...

Страница 51: ...ws a policy to be applied to the computer An unauthenticated user on a registered computer is assigned computer level Web access and firewall policies based the computer s IP address Servers are dedic...

Страница 52: ...t does not require any configuration of extra access rights on the aXsGUARD Gatekeeper Servers within the same subnet communicate directly without aXsGUARD Gatekeeper intervention 11 6 System Caution...

Страница 53: ...rted in the Knowledge Base at the following URL http www vasco com support 2 If there is no solution in the Knowledge Base please contact the company which supplied you with the VASCO product 3 If you...

Страница 54: ...ements Protection 11 12 Ethernet Internet Device 41 Ethernet Secure LAN Device 38 Further Configuration 49 General Network Settings 43 Humidity 12 Knowledge Base 56 LAN Interface 14 Licensing 22 Logs...

Отзывы:

Нет отзывов

Похожие инструкции для IDENTIKEY AG-3 Series

Бренд: D-Link Страницы: 15

Бренд: D-Link Страницы: 2

Бренд: A-Link Страницы: 6

FrameSaver 9120

Бренд: Paradyne Страницы: 2

Бренд: Axis Страницы: 104

Бренд: Intel Страницы: 108

Бренд: Ruckus Wireless Страницы: 102

Procont LMC-008-IO

Бренд: janitza Страницы: 28

Бренд: ebm-papst Страницы: 11

Easy Tool-ID BSG TID-05-T30-00-005

Бренд: Balluff Страницы: 46

memonizerWORKSTATION

Бренд: MEMON Страницы: 2

Бренд: S&T Страницы: 28

Бренд: Advantech Страницы: 66

Бренд: HMS Страницы: 18

Бренд: EVGA Страницы: 3

Бренд: CTC Union Страницы: 12

Бренд: Boser Страницы: 82

Бренд: JETWAY Страницы: 15

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды