Symantec On-Demand Protection 2.6 Juniper IVE SSL VPN 5.2 Integration Guide

Size: px
Start display at page:

Download "Symantec On-Demand Protection 2.6 Juniper IVE SSL VPN 5.2 Integration Guide"

Transcription

1 Symantec On-Demand Protection 2.6 Juniper IVE SSL VPN 5.2 Integration Guide

2 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide ii

3 Preface Copyright Information: Symantec Corporation Copyright by Symantec Corporation. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means, electronic, mechanical, or otherwise, without prior written permission of Symantec Corporation. Information in this document is subject to change without notice and does not constitute any commitment on the part of Symantec Corporation. Symantec Corporation may own patents or pending patent applications, trademarks, copyrights, and other intellectual property rights covering the subject matter of this document. Furnishing of this documentation does not in any way grant you a license to any patents, trademarks, copyrights, or other intellectual property of Symantec Corporation. Symantec, Symantec Secure Enterprise, and the Symantec S Logo are registered trademarks or trademarks of Symantec Corporation. Microsoft and Windows are registered trademarks of Microsoft Corporation. All other companies and product names referenced herein may be trademarks or registered trademarks of their respective holders. iii

4 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Copyright Information: Juniper Networks, Inc. Copyright (c) Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, NetScreen, NetScreen Technologies, GigaScreen, and the NetScreen logo are registered trademarks of Juniper Networks, Inc. NetScreen-5GT, NetScreen-5GT ADSL, NetScreen-5XP, NetScreen-5XT, NetScreen-25, NetScreen-50, NetScreen-100, NetScreen-204, NetScreen-208, NetScreen-500, NetScreen- 5200, NetScreen-5400, NetScreen-Global PRO, NetScreen-Global PRO Express, NetScreen-Remote Security Client, NetScreen-Remote VPN Client, NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500, GigaScreen ASIC, GigaScreen-II ASIC, and NetScreen ScreenOS are trademarks of Juniper Networks, Inc. All other trademarks and registered trademarks are the property of their respective companies. Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without receiving written permission from: Juniper Networks, Inc N. Mathilda Ave., Sunnyvale, CA ATTN: General Counsel iv

5 Preface Table of Contents Product Overview... 1 Background...1 Symantec Products...1 Symantec On-Demand Manager...1 Symantec On-Demand Agent...2 Juniper Products...2 NetScreen Instant Virtual Extranet...2 NetScreen Secure Access Appliance...2 Supported Configurations...3 How Symantec and Juniper Products Work Together...3 Basic Integration Steps...4 System Requirements...4 Symantec On-Demand...4 Juniper SSL VPN...4 NetScreen Appliance Prerequisites...5 Secure Application Manager and Network Connect Roles Bit Encryption...6 Symantec Support...6 Third-Party Product Support...6 Two Integration Methods...7 API Method...7 Custom User Interface Method...7 API Integration...9 Step 1: Use Symantec On-Demand Manager to Create Files...9 Prerequisites...9 Install the On-Demand Manager...9 Display the Partner Integration Button...9 Procedure...11 Configure and Export Virtual Desktop URL...11 Step 2: Use Juniper IVE Console to Upload Files...14 Prerequisites...14 Procedure...14 Step 3: Configure the NetScreen Secure Access Appliance...16 Prerequisites...16 Procedures...16 Create the Authentication Realm...17 Configure the Sign-in URL...19 Configure the Host Checker and Role Mappings...21 Custom User Interface Integration Step 1: Use Symantec On-Demand Manager to Create Files...25 Prerequisites...25 Symantec...25 Juniper...25 v

6 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Procedures...25 Configure URLs...26 Set Up Policies for Export...27 Step 2: Create Custom UI and Upload Files to Appliance...28 Prerequisites...28 Procedures...28 Create Custom UI...29 Edit Custom UI...30 Edit Pre-5.0 ZIP File Contents...31 Upload Custom UI...32 Step 3: Configure the NetScreen Secure Access Appliance...33 Prerequisites...33 Procedures...33 Configure Host Checker Policy...34 Create Two Different Realms...39 Create the Insecure Realm...39 Create the Secure Realm...41 Configure the Secure Realm...43 Configure User Authentication Realms: Host Checker Tab...43 Configure User Authentication Realms: Role Mapping Tab...45 Create Two Different Sign-In Policies...48 Create Insecure Sign-In Policy...48 Create Secure Sign-in Policy...50 vi

7 Product Overview Juniper Networks NetScreen Secure Access appliances, combined with Symantec On- Demand Agents, help enterprises to secure applications by ensuring the integrity of endpoints and protecting the data that is transmitted to them. This combination also enables the encryption of data that is transmitted, as well as removal of data upon disconnect. Background The fundamental shift from client-server to Web-based applications has changed the way employees, business partners, customers, and suppliers access and utilize corporate information. In a client-server world, corporate information is protected by securing corporate-owned devices and authenticating the user. In contrast, clientless Web-based applications and services can be accessed from any computer, including employee-owned computers, airport kiosks, hotel business center computers, and supplier systems. On these third-party-owned computers, the corporate security organization cannot verify the security of that computer, protect the information provided by the Web application, erase the information at session termination, or protect the entire session from malicious code. Symantec Products Symantec On-Demand Manager The Symantec On-Demand Manager secures Web applications by ensuring the integrity of endpoints and protecting the data that is transmitted to them. This is done through providing the Symantec On-Demand Agent via automatic download at the time of connection to the enterprise Web portal. Administrators use the Symantec On-Demand Manager to configure the Agent to implement a coordinated set of modules and options. 1

8 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Symantec On-Demand Agent The Symantec On-Demand Agent is downloaded to the endpoint from the SSL VPN appliance at connection time, eliminating the need to have pre-installed client software to secure data on third-party-owned systems. The connection is only allowed if the endpoint is fully compliant with security policy and the appropriate On-Demand data protection components are in place. Symantec On-Demand works seamlessly to protect endpoints connecting to: Webmail SSL VPNs portals financial, health care and human resources applications ERP systems Juniper Products NetScreen Instant Virtual Extranet The IVE Platform is the foundation of the NetScreen Secure Access family of SSL VPN appliances, as well as the Remote Access and Secure Meeting appliances. The NetScreen Instant Virtual Extranet (IVE) platform is the software foundation of NetScreen s hardened Application Security Gateways and enables appliances to plug seamlessly into an enterprise s existing security infrastructure. NetScreen Secure Access Appliance The NetScreen Secure Access (NS-SA) appliances provide a complete range of enterpriseclass scalability, high availability, and security functionality for customers seeking to costeffectively extend secure access to network resources. Customers benefit from the ubiquity that SSL VPNs are known for, as well as from the redundancy and scalability provided by clustering these devices. 2

9 Product Overview Supported Configurations The current implementation of the Symantec On-Demand/Juniper SSL VPN integration supports the following configurations: Integration Type Partner Integration (API Method) Custom User Interface Supported Modules Symantec Virtual Desktop only All Symantec On-Demand modules (Adaptive Policies, Cache Cleaner, Host Integrity, Virtual Desktop, Malicious Code Prevention /Application Control and Connection Control) Other module combinations (for example, using both the Symantec and the Juniper Cache Cleaners) may provide some functionality but have not been tested or verified and thus are not officially supported. How Symantec and Juniper Products Work Together Administrators use the Symantec On-Demand Manager to configure one or more modules (Virtual Desktop, Host Integrity, and Cache Cleaner) to be uploaded to the Juniper appliance. Once these modules are configured, the administrator uses the On-Demand Manager to create a folder containing the Symantec On-Demand Agent files. The Symantec On-Demand Agent folder is then uploaded to the NetScreen Secure Access appliance. When a user connects to the appliance, the Symantec On-Demand Agent is installed and launched on the endpoint. The Agent then launches the module(s) that were configured using the On- Demand Manager. If Host Integrity was configured, then the Agent verifies the integrity of the endpoint. If Virtual Desktop was configured, then a Virtual Desktop session is established. The Agent then launches the login process to the IVE. The user is authenticated and authorized by an LDAP or authorization server, or by the IVE s own internal authentication database. Once authorized, the user can then access corporate resources such as or corporate servers as defined in the resource policies on the IVE. 3

10 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Basic Integration Steps The list below details the basic steps required to integrate Symantec On-Demand functionality with the Juniper appliance. This document covers only the steps that are shaded. The other steps are explained in the Symantec and Juniper documents noted below. Install and configure the Symantec On-Demand Manager on a workstation. See the Symantec On-Demand Administration Guide for complete instructions. Install and configure the NetScreen Secure Access appliance. See the Juniper documentation for your appliance for complete instructions. Use the Symantec On-Demand Manager to create and configure Symantec On- Demand modules, and then write them to.zip files. Use one of the two integration methods (Custom UI or API) to upload the.zip files to the NetScreen Secure Access appliance. Configure the NetScreen Secure Access appliance to deploy Symantec On-Demand. Test. See NetScreen Instant Virtual Extranet Platform Administration Guide for complete instructions. System Requirements Symantec On-Demand For complete information about the system requirements for Symantec On-Demand Manager or Symantec On-Demand Agent, please see Minimum Installation Requirements in the Symantec On-Demand Administration Guide. Note: as a prerequisite to installing the Symantec On-Demand Manager, you must install the Java Runtime Environment (JRE) version or later. If you need to download and install the required version of JRE, go to navigate to Downloads, and click Java VM. Juniper SSL VPN Please see the NetScreen Instant Virtual Extranet Platform Administration Guide for complete information about minimum requirements. 4

11 Product Overview NetScreen Appliance Prerequisites Secure Application Manager and Network Connect Roles Before you can implement either the API or Custom UI version of the Symantec/Juniper integration, at least one role must exist on the NetScreen Secure Access appliance. Because many users are likely to want access to the IVE s Secure Application Manager and Network Connect features, we will create roles in this example that will provide access to these features. These roles will be called JSAM and Network Connect. Please note that these roles are provided as examples only; these specific roles are not required to implement the Symantec/Juniper integration. The JSAM role will provide access to the Java version of Secure Application Manager. See the NetScreen Instant Virtual Extranet Platform Administration Guide s Secure Application Manager Overview section for complete information about this feature. The Network Connect role (which exists on the appliance by default) provides access to the IVE s Network Connect feature, which is described in NetScreen Instant Virtual Extranet Platform Administration Guide s Network Connect Overview. To create the roles, perform the following steps. 1. Log on to the appliance as an administrator. 2. On the appliance s administration console, select Users Roles. The Roles screen appears. 3. Click the New Role button, name the new role JSAM, and use the various menus available to enable the settings shown for JSAM in the figure above. See NetScreen 5

12 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Instant Virtual Extranet Platform Administration Guide s Configuring the SAM Page for complete information. 4. Because the Network Connect role is created by default, it will probably already be present on your appliance. If it is not, repeat step 3 for Network Connect (see the NetScreen Instant Virtual Extranet Platform Administration Guide s Configuring the Network Connect Page for complete information. 128-Bit Encryption The Juniper IVE appliance requires that you use a browser that offers 128-bit rather than 40-bit encryption to access the IVE s SSL VPN. You can also specify 168-bit encryption. Browsers that meet the IVE security requirements for Core functionality include Internet Explorer 5.5+, Netscape Communicator 4.7+, Mozilla 1.6 and Safari 1.0, 1.1, and 1.2. For information about browser requirements for Advanced functionality, please see Juniper's Platform Guide: IVE Supported Platforms, OS Service Package Version 4.2, NetScreen-SA Product Line. Symantec Support Symantec Corporation provides a wide variety of service and Support programs. Contact Enterprise Support through its web site, by , or by telephone. Web site: support.sygate.com address: Toll free number: (877) TECH-800 ( ) Int'l Toll free number: Third-Party Product Support If you obtained this product from a hardware or software company other than Symantec Corporation directly, your software license as well as all service and support should be obtained through that vendor. Check the Addendum provided with the package for service and support information. 6

13 Two Integration Methods There are two basic methods you can use to integrate the Symantec On-Demand functionality with the NetScreen Secure Access appliance. One uses a built-in Host Check Client Interface to manage the integration, and the other uses a customized user interface based on templates to accomplish the same goal. You need to choose which integration method to use. The advantages and limitations of each method are listed below. API Method The Partner Integration button in the Symantec On-Demand makes it easy to upload the Symantec On-Demand Agent to the NetScreen Secure Access appliance. If the Partner Integration button does not appear, follow the steps in Display the Partner Integration Button on page 9 to display it. This release of the integration supports only the Symantec On-Demand Virtual Desktop module. Custom User Interface Method Uses the existing set of customizable templates within the NetScreen Secure Access appliance to upload Symantec On-Demand. Requires several steps to upload Symantec On-Demand to the appliance and to configure the appliance to deploy the On-Demand module(s). Enables the use of any or all of the Symantec On-Demand modules. Requires the Advanced license for NS-SA appliances. Can also be implemented on Secure Meeting appliances, but not on Remote Access appliances. 7

14 8

15 Host Checker API Integration API Integration Step 1: Use Symantec On-Demand Manager to Create Files This section describes how to use the Symantec On-Demand Manager to configure the Virtual Desktop module. Later sections describe how to upload the module to the NetScreen Secure Access appliance and how to configure the appliance to deploy Symantec On-Demand. Prerequisites Install the On-Demand Manager The instructions that follow assume that the Symantec On-Demand Manager is installed on your machine, and that your copy of Symantec On-Demand Manager is licensed with the Virtual Desktop module enabled. For information about licensing issues, or about how to install or configure the Symantec On-Demand Manager, see the Symantec On-Demand Administration Guide. Display the Partner Integration Button In previous releases, the On-Demand Manager displayed a Partner Integration button on the main Virtual Desktop page by default. Starting with the Symantec On-Demand 2.6 release, you must edit the On-Demand Manager s configuration file to display this button. To display the button: 1. Close the Symantec On-Demand Manager and navigate to the directory that contains the setup.xml file. The default location is C:\Program Files\Symantec\Symantec On-Demand\On- DemandAgent\setup.xml 2. Using any standard text editing application (Notepad, Wordpad, etc.) open setup.xml and locate the attribute APIIntegration and change its value from 0 to 1. 9

16 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 3. Save and close setup.xml. 4. Reopen the On-Demand Manager. The Partner Integration button should now be displayed. 10

17 Host Checker API Integration Procedure You need to perform two basic tasks in the On-Demand Manager to prepare files for integration with the NetScreen Secure Access appliance. Configure the Virtual Desktop to access the IP address or DNS-resolvable name of the appliance. Generate a.zip file to export the On-Demand module to the appliance. These tasks are described in detail in the rest of this section. Configure and Export Virtual Desktop URL In the Symantec On-Demand Manager, the Virtual Desktop page contains a Partner Integration button, which allows you to capture the policies you have specified and prepare the module for upload to the NetScreen Secure Access appliance. Please see the Symantec On- Demand Manager Administration Guide for information about how to create individual policies. 1. Launch the Symantec On-Demand Manager and click the plus sign (+) next to Location (Office in this example) to expand it. 2. Click Virtual Desktop. 3. Click the URL tab. 4. In the Success area of the URL tab, enter the IP address or DNS-resolvable name of the NetScreen Secure Access appliance s login page. (Don t forget to enter the s in https, and make sure that Set Cookie is not checked.). 11

18 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 5. Using the Virtual Desktop and Web Browser tabs, set up the On-Demand policies and rules that you want to export to the Juniper appliance. Remember to click Apply to save your settings. 6. Click the Partner Integration button to display the Export Virtual Desktop dialog. (If no Partner Integration button is displayed, see Display the Partner Integration Button on page 9. 12

19 Host Checker API Integration 7. Click the Generate Agent button. The Save dialog appears. 8. Enter the name of the.zip file to upload to the IVE (vd in this example) and click Save. 13

20 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Step 2: Use Juniper IVE Console to Upload Files This section describes how to upload the.zip file that contains the Virtual Desktop module to the NetScreen Secure Access appliance. A later section describes how to configure the appliance to deploy the module. Prerequisites The instructions that follow assume that the Juniper IVE has been configured according to the instructions in the appliance s installation guide and the NetScreen Instant Virtual Extranet Platform Administration Guide. Procedure Use the following procedure to upload.zip file for integration with the NetScreen Secure Access appliance: 1. Log on to the appliance as an administrator. 2. On the appliance s administration console, select Signing In Endpoint Host Checker. 3. In the Policies area of the Host Checker tab, click the New 3 rd Party Policy button. 4. On the New 3 rd Party Policy page, enter the name you want to give the new policy (vd in this example), browse to the.zip file s location (C:\Program 14

21 Host Checker API Integration Files\Symantec\Symantec On-Demand\On-Demand Agent - Juniper for a default installation) and select the file, and then click the Save Changes button. 15

22 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Step 3: Configure the NetScreen Secure Access Appliance This section describes how to configure the NetScreen Secure Access appliance to deploy the Symantec On-Demand Agent. Earlier sections described how to use the Symantec On- Demand Manager to configure the Virtual Desktop, create Agents, and how to upload the Agents to the NetScreen Secure Access appliance. Prerequisites The instructions that follow assume that the NetScreen Secure Access appliance and the Juniper IVE have been installed and configured according to the instructions in the appliance s installation guide and the NetScreen Instant Virtual Extranet Platform Administration Guide. Procedures You need to perform three basic tasks to configure the NetScreen Secure Access appliance to deploy the Symantec On-Demand Agent: Create a User Authentication Realm. Link the User Authentication Realm to the default Sign-in URL (*/). Configure Host Checker to point to the uploaded On-Demand Agent zipfile. 16

23 Host Checker API Integration Create the Authentication Realm 1. Log on to the appliance as an administrator. 2. On the appliance s Central Manager console, click Users Authentication to display the User Authentication Realms page. 3. Click New to display the New Authentication Realms page. 17

24 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 4. Enter the name (API Realm in this example) in the Name box, and in the Servers list, select the name of the authentication server (such as LDAP or local Juniper server, called spring in this example) that you will use to authenticate your users. Click Save Changes. 18

25 Host Checker API Integration Configure the Sign-in URL 1. On the appliance s Central Manager console, click System Signing In to display the Signing In page. 19

26 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 2. Click */ in the User URLs list to display the Signing In */ page: 3. Select Default Sign-in from the Sign-in Page list. Then select User picks from a list of authentication realms, and use the Add button to add API Realm to the selected realms. Click Save Changes. 20

27 Host Checker API Integration Configure the Host Checker and Role Mappings 1. Log on to the appliance as an administrator. 2. On the appliance s Central Manager console, click Users Authentication API Realm Authentication Policy Host Checker to display the Host Checker page. 3. In the Available Policies list, click Require and Enforce for both vd and vd.vsdcheck. During the upload process, the IVE creates two policies: one with just the name you specified for the.zip file and one that appends.vsdcheck to the end of that name. It is important that you select Require and Enforce for both policies. 4. Click Save Changes to save your changes. 21

28 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 5. Click the Users Authentication API Realm Role Mapping tab to display the Role Mapping screen. 22

29 Host Checker API Integration 6. Click New Rule to display the Role Mapping Rule screen. 7. Enter a name for the rule (optional), and then enter an asterisk (wild card) in the Rule: If Username is box. This will cause all users to be routed to the specified roles. 8. In the Then assign these roles area, use the Add button to add the roles (JSAM and NC) that you created in the Secure Application Manager and Network Connect Roles section on page 5 of this document. 23

30 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 9. Click Save Changes. The API Realm screen is displayed. 10. Select User must select from among assigned roles, and click Save Changes. For more information about creating and configuring realms and user roles, see the NetScreen Instant Virtual Extranet Platform Administration Guide. 24

31 Custom User Interface Integration Step 1: Use Symantec On-Demand Manager to Create Files This section describes how to use the Symantec On-Demand Manager to configure the Virtual Desktop, Host Integrity and Cache Cleaner modules. Later sections describe how to upload the modules to the NetScreen Secure Access appliance and how to configure the appliance to deploy them. Prerequisites Symantec The instructions that follow assume that the Symantec On-Demand Manager is installed on your machine, and that your copy of the Symantec On-Demand Manager is licensed with the Host Integrity and Virtual Desktop modules enabled. For information about licensing issues, or about how to install or configure the Symantec On-Demand Manager, see the Symantec On-Demand Administration Guide. Juniper You must have an Advanced license for your Juniper SSL VPN appliance. Procedures You need to perform three basic tasks in the On-Demand Manager to prepare files for integration with the NetScreen Secure Access appliance: Configure the On-Demand module(s) to access the IP address or DNS-resolvable name of the appliance. Each module can point to a different sign-in page if desired. Set and apply policies for each module. Generate.zip files to export the On-Demand module(s) to the appliance. These tasks are described in detail below. 25

32 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Configure URLs 1. Launch the Symantec On-Demand Manager and click the + sign next to Location (Office in this example) to expand it. 2. Click the module you want to export (Virtual Desktop in this example). 3. Click the URL tab. 4. In the Success area of the URL tab, enter the IP address or DNS-resolvable name of the NetScreen Secure Access appliance s login page. (Don t forget to enter the s in https, and make sure that Set Cookie is not checked.). In this example the URL is composed of the appliance s IP address and the /vd/ extension. You will use this URL later when you create the Secure sign-in policy on the NetScreen Secure Access appliance. See Create Secure Sign-in Policy on page 50 for more information. 5. Using the Virtual Desktop and Web Browser tabs, set up the On-Demand policies and rules that you want to export to the Juniper appliance. Remember to click Apply to save your settings. 6. Repeat steps 2 through 5 for each module for which you want to specify a URL. Please note that you cannot use the same URL extension (/vd/ in this example) for the other modules. Each module you configure must have a different extension. For further information about setting up URLs for locations, see the Setting the Success and Failure URLs section of the Symantec On-Demand Manager Administration Guide. 26

33 Custom UI Integration Set Up Policies for Export When you use the Custom UI integration method, you can specify policies for all of the Symantec On-Demand modules and prepare them for upload to the NetScreen Secure Access appliance. You can specify different policies for each of your locations. Please see the Symantec On-Demand Manager Administration Guide for detailed information about how to create policies. 1. Launch the Symantec On-Demand Manager and click the + next to the desired location (Office in this example) to expand it. 2. Click Host Integrity, Virtual Desktop, or Cache Cleaner (Virtual Desktop in this example) and specify the policies you want to enforce on endpoint machines in this location. 3. Click Apply to save your settings. 4. Continue specifying policies for the other modules as desired. Remember to click Apply to save your settings before exiting each tab. 27

34 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Step 2: Create Custom UI and Upload Files to Appliance This section describes how to upload the.zip files that contain the Symantec On-Demand Agent (SOA) to the NetScreen Secure Access appliance. A later section describes how to configure the appliance to deploy the SOA. Prerequisites The instructions that follow assume that the NetScreen Secure Access appliance and the Juniper IVE have been installed and configured according to the instructions in the appliance s installation guide and the NetScreen Instant Virtual Extranet Platform Administration Guide. The instructions also assume that roles (JSAM and NC) have already been created on the NetScreen Secure Access appliance. Please see Secure Application Manager and Network Connect Roles on page 5 for instructions on how to create these roles. Procedures You need to perform three basic tasks create and upload.zip files containing the Symantec On-Demand Agent for integration with the NetScreen Secure Access appliance: Create a custom UI from a template. Edit the custom UI to point to the Symantec files. Upload the custom UI. These three tasks are described in the rest of this section. 28

35 Custom UI Integration Create Custom UI NOTE: if you are upgrading from a previous version of the IVE, you may prefer to edit your pre-5.0.zip file instead of downloading and customizing a new one. To do so, please skip the instructions below and proceed to Edit Pre-5.0 ZIP File Contents for instructions. 1. Log on to the appliance as an administrator. 2. Click System Signing In, and then click the Sign-In Pages tab. 3. Click Upload Custom Pages to display the Custom Sign-In Pages screen. 4. In the Sample Template Files area, click Sample and follow the prompts to save the sample template.zip file (called Sample.zip) to a location where you can access it later. 5. Extract the files from Sample.zip. 29

36 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Edit Custom UI Note: For specific information on exactly how to edit files in the.thtml format, please see Create Custom Sign-In Pages in the NetScreen Instant Virtual Extranet Platform Administration Guide. 1. Navigate to the location in which you saved the sample template.zip file (Sample.zip). 2. Extract the files from Sample.zip. 3. Using any text or HTML editor, open the file LoginPage.thtml (one of the files you extracted from Sample.zip) and perform these general steps. Locate and remove the User Name and Password fields. Replace User Name and Password with the following html code: <a href= On-DemandAgent/index.htm >Run the Symantec On-Demand Agent</a>. Locate and remove the code that displays the Submit button. Locate the code that displays the message This is the custom sign-in page for the demo!! and replace it with text you want to display to users when this page is displayed (optional). Save and close LoginPage.thtml. 4. Locate the On-DemandAgent folder that you created in Set Up Policies for Export on page 27 and copy it into the same directory as the unzipped files from Sample.zip. 5. Rezip the files from Sample.zip along with the On-DemandAgent folder. Note: make sure that the html files from Sample.zip are located at the root level of the new zip file you create. Otherwise the NetScreen Secure Access appliance will be unable to locate these files within the.zip file and the upload procedure will fail. 6. Rename the.zip file to any name you choose. 30

37 Custom UI Integration Edit Pre-5.0 ZIP File Contents If you are upgrading your Custom UI from a previous version of the IVE, you may prefer to edit your pre-5.0.zip file instead of downloading and customizing a new one. To do so, follow the instructions below. 1. Unzip the old zip file 2. Delete the LoginPage-ppc.thtml 3. Edit the LoginPage.thtml to add the following text as the very FIRST line: <%# NetScreen Page Version 1001 %> 4. Edit the LoginPage.thtml to add the following snippet anywhere in the page, except in a comment: <% IF 0 %> <% prompts %> <% END %> 5. Zip up all the pages and associated objects. 6. Upload this zip file to the IVE appliance. 31

38 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Upload Custom UI 1. Log on to the appliance as an administrator. 2. Click System Signing In, then click the Sign-in Pages tab. 3. Click Upload Custom Pages. 4. In the Sign-In Pages area, enter a name in the Name box (Sygate Virtual Desktop in this example). This is the name that will be used later when you configure the Insecure sign-in policy. See Create Insecure Sign-In Policy on page 48 for further information. 5. In the Sign-In Pages area s Templates File box, use the Browse button to locate and specify the zip file that contains your custom UI files. 6. Click skip validation checks during upload. The file may fail to upload if you do not check this box. 7. Click Upload Custom Pages. When the upload is complete, your.zip file name will be displayed below the Templates File box. 32

39 Custom UI Integration Step 3: Configure the NetScreen Secure Access Appliance This section describes how to configure the NetScreen Secure Access appliance to deploy the Symantec On-Demand modules. Earlier sections described how to use the Symantec On-Demand Manager to configure the modules, set policies, and create and upload a custom UI. Prerequisites The instructions that follow assume that the NetScreen Secure Access appliance and the Juniper IVE have been installed and configured according to the instructions in the appliance s installation guide and the NetScreen Instant Virtual Extranet Platform Administration Guide. Procedures To use the Symantec On-Demand Agent to provide secure user access to the IVE, the On- Demand Agent needs to be made accessible from the IVE sign-in pages. You need to perform four basic tasks in the IVE to make this possible: Configure Host Checker to ensure the On-Demand Agent is running Create and configure two realms (one insecure and one secure ) Create two sign-in policies (an insecure one that provides endpoints with access to the Agent, and a secure one that allows endpoints that meet Host Checker criteria to access your network). Implement the Secure sign-in policy. These tasks are described in detail in the rest of this section. 33

40 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Configure Host Checker Policy Host Checker needs to check to see if the On-Demand Agent is running. To do this, you need to configure Host Checker to check for different conditions depending on which On- Demand modules you uploaded: Modules Configured Virtual Desktop only Host Integrity only Cache Cleaner only Virtual Desktop and Host Integrity Cache Cleaner and Host Integrity Checks cclient.exe process is running HKEY_CURRENT_USER\SSPisRunning key exists type: DWORD value: 1 HKEY_CURRENT_USER\HIisRunning key exists type: DWORD value: 1 cclient.exe process is running cclient.exe process is running HKEY_CURRENT_USER\SSPisRunning key exists type: DWORD value: 1 cclient.exe process is running HKEY_CURRENT_USER\HIisRunning key exists type: DWORD value: 1 In this example, we will create a Host Checker policy for the Virtual Desktop module. To create this policy, perform the following steps. 34

41 Custom UI Integration 1. Log on to the appliance as an administrator. 2. Go to Signing In Endpoint Host Checker. 35

42 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 3. Click the New button to display the New Host Checker Policy tab. 4. In the Policy Name box, enter the name you want to give to this policy (VD in this example) and click Continue to display the Host Checker Policy tab. 5. In the Rule Settings area, select Custom Rule: Process from the list and click Add. 36

43 Custom UI Integration 6. On the Add Custom Rule: Process page, enter cclient.exe in the Process Name field and click Required. 7. Click Save Changes. The Host Checker Policy page is displayed. 8. In the Rule Settings area, select Custom Check: Registry Setting from the list box and click Add. 37

44 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 9. On the Add Custom Rule: Registry Setting page, select HKEY_CURRENT_USER from the Registry Root Key list. 10. In the Name box, enter SSPisRunning. 11. In the Type list, select DWORD. 12. In the Value box, enter 1. Click Save Changes. 38

45 Custom UI Integration Create Two Different Realms You need to create two distinct user authentication realms: The Insecure realm. This realm maps users to the Insecure sign-in page, which is the On-Demand Agent deployment page created and uploaded using the Custom UI method. Note that this page does not allow users to directly sign into the IVE appliance. Instead, it allows users to download the On-Demand Agent and then access the IVE sign-in page that is associated with the Secure realm. The Secure realm. This realm maps users to the default login page. It uses Host Checker to check for the presence of the On-Demand Agent before allowing a user to submit credentials to the IVE for authentication. Create the Insecure Realm To create the Insecure realm, perform the following steps: 1. Log on to the appliance as an administrator. 2. Go to Users Authentication User Authentication Realms tab. 39

46 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 3. Click the New button to display the New Authentication Realm tab. 4. In the Name box, enter the name you plan to give to your insecure realm (InSecureVD in this example). 5. In the Authentication box in the Servers area, specify the desired authentication server (spring in this example). 6. Click Save Changes. 40

47 Custom UI Integration Create the Secure Realm To create the Secure realm, perform the following steps: 1. Log on to the appliance as an administrator. 2. Go to Users Authentication User Authentication Realms tab. 41

48 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 3. Click the New button to display the New Authentication Realm tab. 4. In the Name box, enter the name you plan to give to your secure realm (SecureVD in this example). 5. In the Authentication box in the Servers area, specify the desired authentication server (spring in this example). 6. Click Save Changes. 42

49 Custom UI Integration Configure the Secure Realm To configure the Secure realm, perform the following steps. Configure User Authentication Realms: Host Checker Tab 1. Log on to the appliance as an administrator. 2. Select User Authentication to display the User Authentication Realms page. 3. Click the SecureVD link, and then click Authentication Policy Host Checker to display the User Authentication Realms SecureVD page. 43

50 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 4. In the Available Policies list, select the policy name (VD in this example) that you created in the Configure Host Checker step. 5. Click Save Changes to save your changes. 44

51 Custom UI Integration Configure User Authentication Realms: Role Mapping Tab 1. Log on to the appliance as an administrator. 2. Select User Authentication to display the User Authentication Realms page. 3. Click the SecureVD link, and then click the Role Mapping tab to display the User Authentication Realms SecureVD page. 45

52 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide 4. Click the New Rule button to display the Role Mapping Rule page. 46

53 Custom UI Integration 5. Enter a name in the Name: box (optional). 6. In the Rule: If username s first dropdown, select is, and enter * (for all users) in the second. 7. Select the desired roles (JSAM and Network Connect) from the Available Roles: area and click Add-> to add them to the Selected Roles: list. 8. Click Save Changes. 47

54 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Create Two Different Sign-In Policies You need to create two distinct sign-in policies: The InsecureVD sign-in policy, which uses the Custom UI that contains the Symantec On-Demand Agent. These users map to the InsecureVD realm. The SecureVD sign-in policy, which requires that all users connecting to this URL must have the Symantec Virtual Desktop running, which is enforced by Host Checker. These users map to the SecureVD realm. Create Insecure Sign-In Policy 1. Log on to the appliance as an administrator. 2. Click System Signing In and then click the Sign-In Policies tab. 48

55 Custom UI Integration 3. Click New URL to display the New Sign-In Policy page. 4. In the User Type area, click Users. 5. In the Sign-in URL box, enter */. 6. Enter a description (optional). 7. In the Sign-In Page box, enter the name you gave to your custom sign-in page (Sygate Virtual Desktop in this example.) See Upload Custom UI on page 32 for more information. 8. In the Authentication Realm area, click User picks from a list of authentication realms. 9. In the Available Realms list, select InSecureVD and click Add to add it to the Selected Realms list. 10. Click Save Changes. 49

56 Symantec On-Demand 2.6/Juniper IVE 5.2 SSL VPN Integration Guide Create Secure Sign-in Policy 1. Log on to the appliance as an administrator. 2. Click System Signing In and then click the Sign-In Policies tab: 50

57 Custom UI Integration 3. Click New URL button to display the New Sign-In Policy tab. 4. In the User Type area, click Users. 5. In the Sign-in URL box, enter */urlname/ where /urlname/ is the name you assigned to the URL in the Symantec On-Demand Manager (/vd/ in this example). See Configure URLs on page 26 for more information. 6. Enter a description (optional). 7. In the Sign-In Page box, select Default Sign-In Page from the list. 8. In the Authentication Realm area, click User picks from a list of authentication realms. 9. In the Available Realms list, select SecureVD and then click Add to add it to the Selected Realms list. 10. Click Save Changes. 51

Symantec On-Demand 2.6/ Juniper IVE SSL VPN 5.2 Integration Guide Addendum

Symantec On-Demand 2.6/ Juniper IVE SSL VPN 5.2 Integration Guide Addendum Symantec On-Demand 2.6/ Juniper IVE SSL VPN 5.2 Integration Guide Addendum Uploading the Jedi Package: Preventing Virtual Desktop Bypass during User Access to Juniper SSL VPN Appliance Symantec On-Demand

More information

Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0

Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 PN: 12199694 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 The software described

More information

Clientless SSL VPN Users

Clientless SSL VPN Users Manage Passwords, page 1 Username and Password Requirements, page 3 Communicate Security Tips, page 3 Configure Remote Systems to Use Clientless SSL VPN Features, page 3 Manage Passwords Optionally, you

More information

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication Certificate Based 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 31 Disclaimer Disclaimer of

More information

Host Access Management and Security Server

Host Access Management and Security Server Host Access Management and Security Server Evaluation Guide Host Access Management and Security Server Evaluation Guide 12.2 Copyrights and Notices Copyright 2015 Attachmate Corporation. All rights reserved.

More information

Application Interface Services Server for Mobile Enterprise Applications Configuration Guide Tools Release 9.2

Application Interface Services Server for Mobile Enterprise Applications Configuration Guide Tools Release 9.2 [1]JD Edwards EnterpriseOne Application Interface Services Server for Mobile Enterprise Applications Configuration Guide Tools Release 9.2 E61545-01 October 2015 Describes the configuration of the Application

More information

SOA Software API Gateway Appliance 7.1.x Administration Guide

SOA Software API Gateway Appliance 7.1.x Administration Guide SOA Software API Gateway Appliance 7.1.x Administration Guide Trademarks SOA Software and the SOA Software logo are either trademarks or registered trademarks of SOA Software, Inc. Other product names,

More information

Polycom CMA System Upgrade Guide

Polycom CMA System Upgrade Guide Polycom CMA System Upgrade Guide 5.0 May 2010 3725-77606-001C Trademark Information Polycom, the Polycom Triangles logo, and the names and marks associated with Polycom s products are trademarks and/or

More information

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1 Quick Install Guide Lumension Endpoint Management and Security Suite 7.1 Lumension Endpoint Management and Security Suite - 2 - Notices Version Information Lumension Endpoint Management and Security Suite

More information

SonicWALL SSL VPN 3.5: Virtual Assist

SonicWALL SSL VPN 3.5: Virtual Assist SonicWALL SSL VPN 3.5: Virtual Assist Document Scope This document describes how to use the SonicWALL Virtual Assist add-on for SonicWALL SSL VPN security appliances. This document contains the following

More information

Entrust Managed Services PKI Administrator Guide

Entrust Managed Services PKI Administrator Guide Entrust Managed Services PKI Entrust Managed Services PKI Administrator Guide Document issue: 3.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered

More information

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Setting up VMware ESXi for 2X VirtualDesktopServer Manual Setting up VMware ESXi for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples

More information

Juniper SSL VPN Authentication QUICKStart Guide

Juniper SSL VPN Authentication QUICKStart Guide Juniper SSL VPN Authentication QUICKStart Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights

More information

http://docs.trendmicro.com

http://docs.trendmicro.com Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the product, please review the readme files,

More information

SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide

SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide Copyright and Trademark Statements 2014 ViewSonic Computer Corp. All rights reserved. This document contains proprietary information that

More information

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace INTEGRATION GUIDE DIGIPASS Authentication for VMware Horizon Workspace Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';

More information

Cisco ASA Authentication QUICKStart Guide

Cisco ASA Authentication QUICKStart Guide Cisco ASA Authentication QUICKStart Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights reserved.

More information

FileMaker Server 14. FileMaker Server Help

FileMaker Server 14. FileMaker Server Help FileMaker Server 14 FileMaker Server Help 2007 2015 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker and FileMaker Go are trademarks

More information

Installation and Upgrade Guide

Installation and Upgrade Guide ControlPoint for Office 365 Publication Date: January 12, 2016 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of

More information

Clientless SSL VPN End User Set-up

Clientless SSL VPN End User Set-up 37 CHAPTER This ections is for the system administrator who sets up Clientless (browser-based) SSL VPN for end users. It summarizes configuration requirements and tasks for the user remote system. It also

More information

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V Connection Broker Managing User Connections to Workstations, Blades, VDI, and More Quick Start with Microsoft Hyper-V Version 8.1 October 21, 2015 Contacting Leostream Leostream Corporation http://www.leostream.com

More information

Strong Authentication for Juniper Networks SSL VPN

Strong Authentication for Juniper Networks SSL VPN Strong Authentication for Juniper Networks SSL VPN with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard

More information

http://docs.trendmicro.com

http://docs.trendmicro.com Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the product, please review the readme files,

More information

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access Integration Handbook Document Version 1.1 Released July 16, 2012 ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access

More information

Network Connect Installation and Usage Guide

Network Connect Installation and Usage Guide Network Connect Installation and Usage Guide I. Installing the Network Connect Client..2 II. Launching Network Connect from the Desktop.. 9 III. Launching Network Connect Pre-Windows Login 11 IV. Installing

More information

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

Workspot Configuration Guide for the Cisco Adaptive Security Appliance Workspot Configuration Guide for the Cisco Adaptive Security Appliance Workspot, Inc. 1/27/2015 Cisco ASA and Workspot Overview The Cisco Adaptive Security Appliance (ASA) provides organizations with secure,

More information

Dell SonicWALL SRA 7.5 Citrix Access

Dell SonicWALL SRA 7.5 Citrix Access Dell SonicWALL SRA 7.5 Citrix Access Document Scope This document describes how to configure and use Citrix bookmarks to access Citrix through Dell SonicWALL SRA 7.5. It also includes information about

More information

Omniquad Exchange Archiving

Omniquad Exchange Archiving Omniquad Exchange Archiving Deployment and Administrator Guide Manual version 3.1.2 Revision Date: 20 May 2013 Copyright 2012 Omniquad Ltd. All rights reserved. Omniquad Ltd Crown House 72 Hammersmith

More information

SafeNet Authentication Service

SafeNet Authentication Service SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep

More information

Junos Pulse. Windows In-Box Junos Pulse Client Quick Start Guide. Published: 2013-10-18. Copyright 2013, Juniper Networks, Inc.

Junos Pulse. Windows In-Box Junos Pulse Client Quick Start Guide. Published: 2013-10-18. Copyright 2013, Juniper Networks, Inc. Junos Pulse Windows In-Box Junos Pulse Client Quick Start Guide Published: 2013-10-18 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net All

More information

ControlPoint. Advanced Installation Guide. Publication Date: January 12, 2016. Metalogix International GmbH., 2008-2016 All Rights Reserved.

ControlPoint. Advanced Installation Guide. Publication Date: January 12, 2016. Metalogix International GmbH., 2008-2016 All Rights Reserved. ControlPoint Publication Date: January 12, 2016 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this software,

More information

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO

More information

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation

More information

BlackShield ID Agent for Remote Web Workplace

BlackShield ID Agent for Remote Web Workplace Agent for Remote Web Workplace 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication may be reproduced,

More information

Managed Services PKI 60-day Trial Quick Start Guide

Managed Services PKI 60-day Trial Quick Start Guide Entrust Managed Services PKI Managed Services PKI 60-day Trial Quick Start Guide Document issue: 3.0 Date of issue: Nov 2011 Copyright 2011 Entrust. All rights reserved. Entrust is a trademark or a registered

More information

Remote Filtering Software

Remote Filtering Software Remote Filtering Software Websense Web Security Solutions v7.7-7.8 1996 2013, Websense, Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA Published 2013 The products and/or

More information

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager Appendix E Installing and configuring the Captioning Manager The Mediasite Captioning Manager, a separately sold EX Server add-on, allows users to submit and monitor captioning requests through Automatic

More information

Introduction to Mobile Access Gateway Installation

Introduction to Mobile Access Gateway Installation Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure

More information

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series PRODUCT CATEGORY BROCHURE Juniper Networks SA Series SSL VPN Appliances Juniper Networks SA Series SSL VPN Appliances Lead the Market with Secure Remote Access Solutions That Meet the Needs of Organizations

More information

Veeam Backup Enterprise Manager. Version 7.0

Veeam Backup Enterprise Manager. Version 7.0 Veeam Backup Enterprise Manager Version 7.0 User Guide August, 2013 2013 Veeam Software. All rights reserved. All trademarks are the property of their respective owners. No part of this publication may

More information

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Copyright 2012 Trend Micro Incorporated. All rights reserved. Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,

More information

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal 1.1.3 On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal 1.1.3 On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected ( Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication

More information

Dell One Identity Cloud Access Manager 8.0.1 - How to Configure Microsoft Office 365

Dell One Identity Cloud Access Manager 8.0.1 - How to Configure Microsoft Office 365 Dell One Identity Cloud Access Manager 8.0.1 - How to Configure Microsoft Office 365 May 2015 This guide describes how to configure Microsoft Office 365 for use with Dell One Identity Cloud Access Manager

More information

5.0 Secure Meeting Error Messages

5.0 Secure Meeting Error Messages Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2000 or 888 JUNIPER www.juniper.net Contents 5.0 Secure Meeting Error Messages...1 Contacting Juniper...1 Administrator

More information

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft] Cox Managed CPE Services RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft] September, 2015 2015 by Cox Communications. All rights reserved. No part of this document may be reproduced or transmitted

More information

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates Entrust Managed Services Entrust Managed Services PKI Configuring secure LDAP with Domain Controller digital certificates Document issue: 1.0 Date of issue: October 2009 Copyright 2009 Entrust. All rights

More information

Getting Started Guide for Symantec On-Demand Protection

Getting Started Guide for Symantec On-Demand Protection Getting Started Guide for Symantec On-Demand Protection Getting Started Guide for Symantec On-Demand Protection The software described in this book is furnished under a license agreement and may be used

More information

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more. Security Review

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more. Security Review Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more Security Review Version 8.1 March 31, 2016 Contacting Leostream Leostream Corporation http://www.leostream.com

More information

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication

More information

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual Setting up Citrix XenServer for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples

More information

Table of Contents. Welcome... 2. Login... 3. Password Assistance... 4. Self Registration... 5. Secure Mail... 7. Compose... 8. Drafts...

Table of Contents. Welcome... 2. Login... 3. Password Assistance... 4. Self Registration... 5. Secure Mail... 7. Compose... 8. Drafts... Table of Contents Welcome... 2 Login... 3 Password Assistance... 4 Self Registration... 5 Secure Mail... 7 Compose... 8 Drafts... 10 Outbox... 11 Sent Items... 12 View Package Details... 12 File Manager...

More information

Configuration Guide. SafeNet Authentication Service AD FS Agent

Configuration Guide. SafeNet Authentication Service AD FS Agent SafeNet Authentication Service AD FS Agent Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document

More information

NSi Mobile Installation Guide. Version 6.2

NSi Mobile Installation Guide. Version 6.2 NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...

More information

Acronis and Acronis Secure Zone are registered trademarks of Acronis International GmbH.

Acronis and Acronis Secure Zone are registered trademarks of Acronis International GmbH. 1 Copyright Acronis International GmbH, 2002-2016 Copyright Statement Copyright Acronis International GmbH, 2002-2016. All rights reserved. Acronis and Acronis Secure Zone are registered trademarks of

More information

Juniper Secure Access SSL VPN Log Configuration Guide

Juniper Secure Access SSL VPN Log Configuration Guide Juniper Secure Access SSL VPN Log Configuration Guide Document Release: March 2012 Part Number: LL600049-00ELS01000000 This manual supports LogLogic Juniper Secure Access SSL VPN Release 1.0 and later,

More information

Copyright 2015 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified,

Copyright 2015 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, Copyright 2015 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole

More information

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

DIGIPASS Authentication for Citrix Access Gateway VPN Connections DIGIPASS Authentication for Citrix Access Gateway VPN Connections With VASCO Digipass Pack for Citrix 2006 VASCO Data Security. All rights reserved. Page 1 of 31 Integration Guideline Disclaimer Disclaimer

More information

Juniper SSL VPN Notes Page 1

Juniper SSL VPN Notes Page 1 Juniper SSL VPN Notes Page 1 The Juniper SSL VPN is a full-featured appliance using SSL protocol to allow remote computers to securely access our organization s resources with a standard browser. The types

More information

Mobile Device Management Version 8. Last updated: 17-10-14

Mobile Device Management Version 8. Last updated: 17-10-14 Mobile Device Management Version 8 Last updated: 17-10-14 Copyright 2013, 2X Ltd. http://www.2x.com E mail: info@2x.com Information in this document is subject to change without notice. Companies names

More information

Agent Configuration Guide

Agent Configuration Guide SafeNet Authentication Service Agent Configuration Guide SAS Agent for Microsoft Internet Information Services (IIS) Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright

More information

Strong Authentication for Cisco ASA 5500 Series

Strong Authentication for Cisco ASA 5500 Series Strong Authentication for Cisco ASA 5500 Series with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard

More information

2X Cloud Portal v10.5

2X Cloud Portal v10.5 2X Cloud Portal v10.5 URL: www.2x.com E-mail: info@2x.com Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise

More information

BlackShield ID MP Token Guide. for Java Enabled Phones

BlackShield ID MP Token Guide. for Java Enabled Phones BlackShield ID MP Token Guide for Java Enabled Phones Copyright 2010 CRYPTOCard Inc. http:// www.cryptocard.com Trademarks CRYPTOCard and the CRYPTOCard logo are registered trademarks of CRYPTOCard Corp.

More information

Verizon Remote Access User Guide

Verizon Remote Access User Guide Version 17.12 Last Updated: August 2012 2012 Verizon. All Rights Reserved. The Verizon names and logos and all other names, logos, and slogans identifying Verizon s products and services are trademarks

More information

A Guide to New Features in Propalms OneGate 4.0

A Guide to New Features in Propalms OneGate 4.0 A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously

More information

ADMINISTRATOR S GUIDE

ADMINISTRATOR S GUIDE ADMINISTRATOR S GUIDE NetScreen-Statistical Report Server Version FP2 P/N 093-1386-000 Rev.A Copyright Notice Copyright 2004 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks

More information

CA Nimsoft Service Desk

CA Nimsoft Service Desk CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation

More information

Installation Guide. SafeNet Authentication Service

Installation Guide. SafeNet Authentication Service SafeNet Authentication Service Installation Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

Installing and Configuring vcenter Support Assistant

Installing and Configuring vcenter Support Assistant Installing and Configuring vcenter Support Assistant vcenter Support Assistant 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

Check Point FDE integration with Digipass Key devices

Check Point FDE integration with Digipass Key devices INTEGRATION GUIDE Check Point FDE integration with Digipass Key devices 1 VASCO Data Security Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document

More information

CWOPA Broadband Users. Windows Operating System

CWOPA Broadband Users. Windows Operating System CWOPA Broadband Users Windows Operating System October 2012 Background These instructions are to be used for VPN users who have been assigned a CWOPA username and password. If your machine has Internet

More information

Introduction to the EIS Guide

Introduction to the EIS Guide Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment

More information

NovaBACKUP Remote Workforce Version 12.5 Cloud Restore

NovaBACKUP Remote Workforce Version 12.5 Cloud Restore NovaBACKUP Remote Workforce Version 12.5 Cloud Restore NovaStor / November 2011 Rev 20111114 2011 NovaStor, all rights reserved. All trademarks are the property of their respective owners. Features and

More information

FileMaker Server 15. Getting Started Guide

FileMaker Server 15. Getting Started Guide FileMaker Server 15 Getting Started Guide 2007 2016 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker and FileMaker Go are trademarks

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Intel vpro Technology. How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration

Intel vpro Technology. How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration Intel vpro Technology How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration Document Release Date: September 14, 2012 Revision History Revision Revision History

More information

User Guide. The AMF's File Transfer Service (FTS)

User Guide. The AMF's File Transfer Service (FTS) User Guide The AMF's File Transfer Service (FTS) TABLE OF CONTENTS 1 INTENDED USERS... 3 2 SCOPE OF GUIDE... 3 3 BACKGROUND... 3 4 REQUIRED CONFIGURATION... 3 5 CONTACT INFORMATION FOR SUPPORT... 4 6 SECURITY...

More information

SOLARWINDS ORION. Patch Manager Evaluation Guide for ConfigMgr 2012

SOLARWINDS ORION. Patch Manager Evaluation Guide for ConfigMgr 2012 SOLARWINDS ORION Patch Manager Evaluation Guide for ConfigMgr 2012 About SolarWinds SolarWinds, Inc. develops and markets an array of network management, monitoring, and discovery tools to meet the diverse

More information

Foglight. Foglight for Virtualization, Free Edition 6.5.2. Installation and Configuration Guide

Foglight. Foglight for Virtualization, Free Edition 6.5.2. Installation and Configuration Guide Foglight Foglight for Virtualization, Free Edition 6.5.2 Installation and Configuration Guide 2013 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright.

More information

MaaS360 Cloud Extender

MaaS360 Cloud Extender MaaS360 Cloud Extender Installation Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software described

More information

Global VPN Client Getting Started Guide

Global VPN Client Getting Started Guide Global VPN Client Getting Started Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential

More information

Requirements on terminals and network Telia Secure Remote User, TSRU (version 7.1 R4)

Requirements on terminals and network Telia Secure Remote User, TSRU (version 7.1 R4) Requirements on terminals and network Telia Secure Remote User, TSRU (version 7.1 R4) Content Page Introduction 2 Platform support 2 Cross Platform support 2 Web and file browsing 2 Client-side Applets

More information

RSA Authentication Manager 8.1 Virtual Appliance Getting Started

RSA Authentication Manager 8.1 Virtual Appliance Getting Started RSA Authentication Manager 8.1 Virtual Appliance Getting Started Thank you for purchasing RSA Authentication Manager 8.1, the world s leading two-factor authentication solution. This document provides

More information

SafeNet Authentication Manager Express. Upgrade Instructions All versions

SafeNet Authentication Manager Express. Upgrade Instructions All versions SafeNet Authentication Manager Express Upgrade Instructions All versions www.safenet-inc.com 4690 Millennium Drive, Belcamp, Maryland 21017 USA Telephone: +1 410 931 7500 or 1 800 533 3958 www.safenet-inc.com

More information

System Administration Training Guide. S100 Installation and Site Management

System Administration Training Guide. S100 Installation and Site Management System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5

More information

LumInsight CMS Installation Guide

LumInsight CMS Installation Guide LumInsight CMS Installation Guide This guide walks you through the installation steps to run your LumInsight CMS software. 078-1059-01C Echelon, LumInsight, and the Echelon logo are trademarks of Echelon

More information

NetScreen-5GT Announcement Frequently Asked Questions (FAQ)

NetScreen-5GT Announcement Frequently Asked Questions (FAQ) Announcement Frequently Asked Questions (FAQ) Q: What is the? A: The is a high performance network security appliance targeted to small or remote offices in distributed enterprises, including telecommuters,

More information

What s New in Juniper s SSL VPN Version 6.0

What s New in Juniper s SSL VPN Version 6.0 What s New in Juniper s SSL VPN Version 6.0 This application note describes the new features available in Version 6.0 of the Secure Access SSL VPN products. This document assumes familiarity with the Juniper

More information

MaaS360 On-Premises Cloud Extender

MaaS360 On-Premises Cloud Extender MaaS360 On-Premises Cloud Extender Installation Guide Copyright 2014 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software

More information

Administrator s Guide for the Polycom Video Control Application (VCA)

Administrator s Guide for the Polycom Video Control Application (VCA) Administrator s Guide for the Polycom Video Control Application (VCA) Version 1.1 November 2007 Edition 3725-26448-004/A Trademark Information Polycom and the Polycom logo design are registered trademarks

More information

etoken Enterprise For: SSL SSL with etoken

etoken Enterprise For: SSL SSL with etoken etoken Enterprise For: SSL SSL with etoken System Requirements Windows 2000 Internet Explorer 5.0 and above Netscape 4.6 and above etoken R2 or Pro key Install etoken RTE Certificates from: (click on the

More information

Copyright http://support.oracle.com/

Copyright http://support.oracle.com/ Primavera Portfolio Management 9.0 Security Guide July 2012 Copyright Oracle Primavera Primavera Portfolio Management 9.0 Security Guide Copyright 1997, 2012, Oracle and/or its affiliates. All rights reserved.

More information

SECURE ACCESS TO THE VIRTUAL DATA CENTER

SECURE ACCESS TO THE VIRTUAL DATA CENTER SOLUTION BRIEF SECURE ACCESS TO THE VIRTUAL DATA CENTER Ensure that Remote Users Can Securely Access the Virtual Data Center s Virtual Desktops and Other Resources Challenge VDI is driving a unique need

More information

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES APPLICATION NOTE VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES Configuring Secure SSL VPN Access in a VMware Virtual Desktop Environment Copyright 2010, Juniper Networks, Inc. 1 Table

More information

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS) SafeNet Authentication Service Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

Citrix Online, div. of Citrix Systems Inc. GoToAssist TM. Product Category: Knowledge Management/eSupport Validation Date: 2/22/2005

Citrix Online, div. of Citrix Systems Inc. GoToAssist TM. Product Category: Knowledge Management/eSupport Validation Date: 2/22/2005 , div. of Citrix Systems Inc. GoToAssist TM Product Category: Knowledge Management/eSupport Validation Date: 2/22/2005 Product Abstract GoToAssist enables businesses to securely interact in real time with

More information

SOLARWINDS ORION. Patch Manager Evaluation Guide

SOLARWINDS ORION. Patch Manager Evaluation Guide SOLARWINDS ORION Patch Manager Evaluation Guide About SolarWinds SolarWinds, Inc. develops and markets an array of network management, monitoring, and discovery tools to meet the diverse requirements of

More information

Thinspace deskcloud. Quick Start Guide

Thinspace deskcloud. Quick Start Guide Thinspace deskcloud Quick Start Guide Version 1.2 Published: SEP-2014 Updated: 16-SEP-2014 2014 Thinspace Technology Ltd. All rights reserved. The information contained in this document represents the

More information

www.novell.com/documentation SSL VPN User Guide Access Manager 3.1 SP5 January 2013

www.novell.com/documentation SSL VPN User Guide Access Manager 3.1 SP5 January 2013 www.novell.com/documentation SSL VPN User Guide Access Manager 3.1 SP5 January 2013 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation,

More information

SSL VPN Server Guide. Access Manager 3.2 SP2. June 2013

SSL VPN Server Guide. Access Manager 3.2 SP2. June 2013 SSL VPN Server Guide Access Manager 3.2 SP2 June 2013 Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A

More information