SAM Context-Based Authentication Using Juniper SA Integration Guide

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "SAM Context-Based Authentication Using Juniper SA Integration Guide"

Transcription

1 SAM Context-Based Authentication Using Juniper SA Integration Guide Revision A

2 Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate. SafeNet, Inc. is not responsible for any direct or indirect damages or loss of business resulting from inaccuracies or omissions. The specifications contained in this document are subject to change without notice. SafeNet, SafeNet Authentication Manager and SafeNet Authentication Client are either registered with the U.S. Patent and Trademark Office or are trademarks of SafeNet, Inc., and its subsidiaries and affiliates, in the United States and other countries. All other trademarks referenced in this Manual are trademarks of their respective owners. SafeNet Hardware and/or Software products described in this document may be protected by one or more U.S. Patents, foreign patents, or pending patent applications. Please contact SafeNet Support for details of FCC Compliance, CE Compliance, and UL Notification. Date of Publication: August 2012 Last update: August

3 Contacting SafeNet We work closely with our reseller partners to offer the best worldwide technical support services. Your reseller is the first line of support when you have questions about products and services. However, if you require additional assistance you can contact the SafeNet technical support team help-desk which is available 24 hours a day, seven days a week: Country/Region Telephone USA International For further assistance submit additional questions to the SafeNet technical support team at the following web page: For assistance via to SafeNet technical support send the request to the following address: 3

4 Table of Contents About This Guide... 5 Intended Audience... 5 Additional Information... 5 Software Requirements... 5 Overview... 6 Security Assertion Markup Language... 6 Context-Based Authentication... 6 Context-Based Authentication Flow... 7 Pre-Configuration... 8 Preparing the Entity Id... 8 Preparing the Identity Provider URL and the Signing Certificate... 9 SAM Portal Configuration for SA SA Configuration as a Service Provider Creating an Authentication Server Setting the User Authentication Realm KCD Configuration Configuring the User Account Creating a KCD User Account in Active Directory Defining the Delegated Authentication Services Configuring the Exchange Server Configuring SA Configuring Web SSO Configuring the Constrained Delegation Service List Configuring SSO Policies Running the Solution User Authentication Scenario Troubleshooting

5 About This Guide The goal of this document is to provide guidance for setting up and managing SafeNet s contextbased authentication solution in a Juniper Networks Junos Pulse Secure Access Service (SA) environment based on SAML 2.0. The information in this guide includes the following: Solution requirement outline, and deployment scenarios for SafeNet s context-based authentication solution Step-by-step instructions for implementing Juniper Networks Junos Pulse Secure Access Service in a SAML solution Intended Audience The guide is intended for Information Technology professionals responsible for the organization s network security. Additional Information For a detailed explanation of SafeNet Authentication Manager (SAM) 8.0 SP4 and the other infrastructure components involved in the solution, or any other SafeNet products mentioned in this guide, refer to SafeNet s product documentation. For additional information on Microsoft or Juniper Networks software and hardware components mentioned in this guide, refer to the relevant manufacturers documentation. Software Requirements For this scenario, the working environment must include the following software: Juniper Networks Junos Pulse Secure Access Service Version 7.1 R5 or later Microsoft Active Directory SafeNet Authentication Manager 8.0 SP4 or later 5

6 PWR HD TEMP PS FAIL CONSOLE MGT (INT.) TRAFFIC LINK TX/RX LINK LINK TX/RX 2 3 TX/RX SA6000 SAM Context-Based Authentication Using Juniper SA Overview Security Assertion Markup Language Security Assertion Markup Language (SAML) 2.0 is a standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens (information packets) containing assertions to pass information about a principal (usually an end-user) between an identity provider (IdP) and a web service. SAML 2.0 enables web-based scenarios including single signon (SSO) authentication. SAML 2.0 is supported by Juniper Networks Junos Pulse Secure Access Service (SA), enhancing the SSL VPN s ability to securely integrate single sign-on authentication and authorization with external applications, such as cloud application providers. In this SAML scenario, SA is the service provider, and SafeNet Authentication Manager (SAM) is the Identity Provider. SA implements the authentication result determined by SAM. Juniper SA Gateway SAML 2.0 Service Provider (SP) UNTRUSTED NETWORK e.g. INTERNET Federation Trust OWA 2010 SAM 8.0 SP4 SAML 2.0 Identity Provider (IdP) Context-Based Authentication Context rules define the conditions for determining the authentication risk level. For more information, see the SAM 8.0 SP4 Administrator s Guide. The context-based authentication policies define which authentication information users must provide for each risk level. For more information, see step 7 d of SAM Portal Configuration for SA, on page 12. 6

7 Context-Based Authentication Flow The following describes the process of SafeNet s SMS Messaging OTP solution. a. The user connects to SA using a web browser. b. SA redirects the user to the SafeNet Authentication Manager (SAM) Authentication Portal. c. The Authentication Portal displays a webpage requesting the authenticating user name. d. The user enters her user name. e. SAM uses its context rule policy configuration to determine the user s authentication risk level. f. If SAM determines that additional user credentials are required, the Authentication Portal displays a new page requesting those credentials. g. The user enters her credentials in the authentication fields. h. SAM verifies the user s credentials. i. SAM sends the SAML token to SA which redirects the user to the SA SSO website. j. The user selects a secure site, such as Outlook Web Access (OWA). k. Juniper SA uses Kerberos Constrained Delegation (Microsoft-based SSO) to automatically authenticate the user to the secure site. 7

8 Pre-Configuration To retrieve information required for this solution: Use the SA administrator s console for Preparing the Entity Id, on page 8. Use the SAM Configuration Manager for Preparing the Identity Provider URL and the Signing Certificate, on page 9. Preparing the Entity Id Retrieve the Entity Id from SA s SAML settings. To prepare the Entity Id: 1. In the SA administrator s console, go to System > Configuration > SAML > Settings. 2. In the Host FQDN for SAML field, enter the host name for SA when using SAML. 3. Click Save Changes. 4. Click Update Entity Ids. The Confirm Update Entity Ids message is displayed. 5. Click Update Entity Ids. 6. In the SA administrator s console, go to Authentication > Signing In. 8

9 7. Select the Sign-in SAML tab, and record the Entity Id value. You will need it for step 7 a of SAM Portal Configuration for SA, on page 12. Preparing the Identity Provider URL and the Signing Certificate Use the SAM Configuration Manager to retrieve the sign-in page URL, and the signing certificate. To prepare the sign-in page URL and the signing certificate: 1. From the Start menu, go to All Programs > SafeNet > SafeNet Authentication Manager> Configuration Manager. The Configuration Manager window opens. 2. From the menu bar, go to Action > Cloud Configuration. The Cloud Settings window opens. 9

10 3. Select the Info for Service Provider tab. 4. Complete the Domain URL of your company s SAM portals. The Single Sign-On URL fields are displayed. 5. Record the Sign-in page URL value. You will need it for step 5 b of Creating an Authentication Server, on page Click Export Certificate, and save the certificate file to a known location. You will need this location for step 6 of Creating an Authentication Server, on page Click OK, and close the SAM Configuration Manager. 10

11 SAM Portal Configuration for SA SAM s Token Policy Object (TPO) policies include Application Authentication Settings for Juniper SA. These settings are used by the SAM portal to communicate with SA. Note See the SAM 8.0 SP4 Administrator s Guide for general portal configuration. To configure the SAM portal: 1. Open the Token Policy Object Editor for the appropriate group. See the SAM 8.0 SP4 Administrator s Guide for more information. The Token Policy Object Editor window opens. 2. In the left pane, go to Protected Application Settings > User Authentication. Policies are displayed in the right pane. 3. In the right pane, double-click Application Authentication Settings. The Application Authentication Settings Properties window opens. 4. Select Define this policy setting, and select Enabled. 11

12 5. Click Definitions. The Application Authentication Settings window opens. 6. In the left pane, select Juniper SA. Policies are displayed in the right pane. 7. In the right pane, double-click the following policies, and enter the appropriate information: a. Application Issuer: Enter the Entity Id that was prepared in step 7 of Preparing the Entity Id, on page 9. b. SAM Issuer: Set this to any value. The default value is SAM. You will need this value for step 5 a of Creating an Authentication Server, on page 15. c. Application s login URL: Enter the Juniper SA login URL. This is the AssertionConsumerService > Location value that was recorded in step 11 of Creating an Authentication Server, on page 15, from the SAML Server s metadata file. d. Context-based authentication: The Context-based authentication Properties window opens. 12

13 Note This example assumes that SAM has been configured for context-based authentication, and that the portal will use context-based authentication. i. Select Define this policy setting. ii. For each Risk Level, open the Authentication Method drop-down menu, and select which authentication information users must provide for that level. iii. Note Selecting Blocked as the authentication method for one risk level automatically sets the higher risk levels to Blocked. Click OK. 8. Click OK until all of the TPO Editor windows are closed. 13

14 SA Configuration as a Service Provider Configure SA so that it is recognized by SAM as a SAML service provider. Creating an Authentication Server To create an Authentication Server: 1. In the SA administrator s console, go to Authentication > Auth. Servers. 2. From the New drop-down menu, select SAML Server, and click New Server. 3. The New SAML Server window opens. 14

15 4. Set the Server Name to any value. You will need this value for step 3 of Setting the User Authentication Realm, on page In the Settings area, do the following: a. Enter the Identity Provider Entity Id. This is SAM Issuer that was set in step 7 b of SAM Portal Configuration for SA, on page 12. The default value is SAM. b. Enter the Identity Provider Single Sign On Service URL. This is the Sign-in page URL that was prepared in step 5 of Preparing the Identity Provider URL and the Signing Certificate, on page In the SSO Method area, do the following: Next to Upload Certificate, click Choose File, and upload the certificate that was prepared in step 6 of Preparing the Identity Provider URL and the Signing Certificate, on page In the Service Provider Metadata Settings area, do the following: In the Metadata Validity field, enter the number of days for which the metadata will be valid. 8. Click Save Changes. 9. In the Service Provider Metadata Settings area, click Download Metadata, and download the metadata xml file. 10. Use a text editor to open the downloaded metadata file. 11. Record the metadata file s AssertionConsumerService > Location value, which is the application s login URL, in the format: name>/dana-na/auth/saml-consumer.cgi. You will need this value for step 7 b of SAM Portal Configuration for SA, on page 12. Setting the User Authentication Realm To set the user authentication realm: 1. In the SA administrator s console, go to Users > User Realms. 15

16 2. Select the appropriate authentication realm. In this example, the realm is Users. The realm s properties are displayed. 3. In the General tab, in the Servers > Authentication drop-down menu, select the authentication server that was created in step 4 of Creating an Authentication Server, on page Click Save Changes. 16

17 KCD Configuration Juniper SA is often used to protect Web application resources, such as Outlook Web Access (OWA) and SharePoint, which are based on Windows authentication. Kerberos Constrained Delegation (KCD) enables Single Sign On for the application resource, so that users are required to log on only once per session. The user logs on to SA, and then is not required to authenticate again when accessing Microsoft applications. The following steps are used to authenticate a user to a Web application: 1. SA verifies the user s identity using SAML authentication. 2. SA then impersonates the user and obtains a Kerberos service ticket. 3. The Web application resource uses the Kerberos ticket as proof of authentication, and the user is logged on. Setting up KCD with SA involves the following steps: a. Configuring the User Account, see page 17. b. Configuring the Exchange Server, see page 22. c. Configuring SA, see page 24. Configuring the User Account Creating a KCD User Account in Active Directory KCD requires an Active Directory user account that has Protocol Transition and Delegation rights. This account has rights to request a Kerberos ticket on behalf of a user signing in to SA. To create a new user in Active Directory: 1. From the Windows taskbar, select Start > Programs > Administrative Tools > Active Directory Users and Computers. The Active Directory Users and Computers window opens. 2. In the left pane, expand your domain name, and right-click Users. 17

18 3. In the drop-down menu, select New > User. The New Object - User window opens. 4. Add the new user's information. This account will be used to access Web application resources, such as OWA. You will need the User logon name value for the following steps: Step 1 of Defining the Delegated Authentication, on page 19 Step 11 c of Configuring the Constrained Delegation Service List, on page 27 In this example, the User logon name of the new account to provide Constrained Delegation is samservice. 18

19 Defining the Delegated Authentication Services To configure the new account for Web application access, do the following: a. Use the setspn command to enable the Delegation tab in the new user account s Properties window. b. Use the Delegation tab to enable the user to be trusted for delegation to all authentication protocols. To define the Delegated Authentication Services for the new user: 1. Open the Command Prompt window, and enter the command: setspn -A HTTP/<user_account> <domain>\<user_account> where: <user_account>is the User logon name created in step 4 of Creating a KCD User Account in Active Directory, on page 18 <domain> is your domain In the following example, sfnt is the domain, and samservice is the user account s User logon name. 2. In the Active Directory Users and Computers window, right-click the new user. The user s Properties window opens. 19

20 3. Select the Delegation tab. 4. Select the following options: Trust this user for delegation to specified services only Use any authentication protocol Note Do not select Use Kerberos only because that option is not compatible with Protocol Transition and Constrained Delegation. 5. Click Add. The Add Services window opens. 6. To select the computer hosting the constrained services, click Users or Computers. The Select Users or Computers window opens. 20

21 7. Enter the name of the protected service s server in the domain. Note In this example, the OWA service is hosted on the same server as Active Directory Domain Controller, so DC is selected. In the Add Services window, the services available on the selected server are displayed. 8. Select the appropriate service type, and click OK. Note In this example, Constrained Delegation must be configured for OWA. Select http to configure for OWA and for any other Web-based applications running on this server, such as Share Point. In the user s Properties window, the delegated services are displayed. 21

22 9. Click Apply, and then click OK. Active Directory is now configured for this solution. Configuring the Exchange Server Configure the server hosting the web application. Note This solution can be configured for any web application hosted on any server within the domain. In this example, the selected web application is OWA, and it is hosted on the same server as the Active Directory Domain Controller. To configure OWA and ECP: 1. Open the Microsoft Exchange console. 2. In the left pane, go to Server Configuration > Client Access. 3. In the middle pane s Client Access area, select your Exchange server. 4. In the server area, select the Outlook Web App tab. 22

23 5. Right-click owa (Default Web Site), and select Properties. The owa (Default Web Site) Properties window opens. 6. Select the Authentication tab, and do the following: a. Select Use one or more standard authentication methods. b. Select Integrated Windows Authentication. c. Click OK. 7. In the Microsoft Exchange console, select the Exchange Control Panel tab. 8. Right click ecp (Default Web Site), and select Properties. The ecp (Default Web Site) Properties window opens. 23

24 9. Select the Authentication tab, and do the following: a. Select Use one or more standard authentication methods. b. Select Integrated Windows Authentication. c. Click OK. 10. To restart IIS so that the configurations take effect, open a terminal and enter iisreset. Configuring SA Configure SA with Constrained Delegation for users connecting via SA to a selected application. This involves the following steps: a. Configuring Web SSO, see page 24. b. Configuring the Constrained Delegation Service List, see page 26. c. Configuring SSO Policies, see page 28. In this example, OWA is the application to which users connect. Configuring Web SSO Add the Kerberos Realm to SA s Kerberos SSO Settings. 1. In the SA administrator s console, go to Users > Resource Policies > Web > SSO (Single Sign-on) > General. 24

25 The WebPolicySSOGeneral window opens. 2. Select the SSO tab. 3. Select Enable Kerberos SSO. 4. In the Realm Definition area, add the Kerberos realm. You will need this for step 11 b of Configuring the Constrained Delegation Service List, on page 27. In this example, we add the realm sfnt.com. 25

26 Note the Kerberos Realm is typically the DNS domain. 5. Click Add. 6. Click Save Changes. Note The Site Name field can be used only if your Active Directory is set up with Sites. Configuring the Constrained Delegation Service List Upload a text file to create a Constrained Delegation Service List. To configure the Constrained Delegation Service List: 1. Open Notepad or similar text application, and create a file containing the DC server name. 2. Save the file. You will need it for step 7 of this procedure. 3. In the SA administrator s console, go to Users > Resource Policies > Web > SSO (Single Sign-on) > General. 4. Select the SSO tab. 5. In the Constrained Delegation area, click Edit. The Constrained Delegation Service Lists window opens. 6. Click New Service List. 26

27 7. In the Name field, enter any value. You will need it for step 11 e of this procedure. 8. Click Choose File, and browse to the text file saved in step 2 of this procedure. 9. Click OK. The Upload Status window opens. 10. When the upload is complete, click Close. 11. In the Constrained Delegation area, do the following: a. In the Label field, enter any value. You will need this for step 10 c of Configuring SSO Policies, on page 31. In this example, we enter sfnt. b. In the Realm drop-down menu, select the Kerberos realm defined in step 4 of Configuring Web SSO, on page 25. c. In the Principal Account field, enter the User logon name created in step 4 of Creating a KCD User Account in Active Directory, on page 18. Note In the example, we enter the samservice account created in Active Directory for Constrained Delegation. d. In the Password field, enter the user s domain password. 27

28 Note Ensure that the password is entered exactly as defined in the Active Directory. e. In the Service List drop-down menu, select the service list Name defined in step 7 of this procedure. f. Click Add. The realm is displayed in the Constrained Delegation area. Configuring SSO Policies Define the roles and resources for which Constrained Delegation will be performed. To configure SSO policies for OWA: 1. In the SA administrator s console, go to Users > Resource Policies > Web > Kerberos/NTLM/Basic Auth. 2. Select New Policy. The New Web Application Resource Profile window opens. 28

29 3. In the Type drop-down-down menu, select Microsoft OWA The OWA 2010 window opens. 4. Select the Resource tab. 29

30 5. In the Name field, enter any value for the policy name. 6. In the Base URL field, enter the OWA site s base URL. 7. Select Autopolicy: Web Compression. 8. In the Autopolicy: Web Compression area, d0 the following: a. In the Resource column, enter the OWA site. b. In the Action column drop-down menu, select Compress. c. Click Add. The resource is displayed on a new line. 30

31 9. Select Autopolicy: Single Sign-on. 10. In the Autopolicy: Single Sign-on area, d0 the following: a. Select Constrained Delegation. b. In the Resource field, enter the host FQDN of the web server. c. In the Credential drop-down menu, select the Constrained Delegation s Label defined in step 11 a of Configuring the Constrained Delegation Service List, on page Click Save Changes. 31

32 Running the Solution User Authentication Scenario In this example, a user named John authenticates to SA in the following environment: An OTP (One-Time-Password) for authentication is sent to John s mobile device as an SMS each time he needs to authenticate. John s authentication conditions match a context-based authentication rule that requires him to enter an OTP Authentication Code. How John authenticates to OWA: 1. John opens a web browser and browses to SA. In this example, the SA site is SA automatically redirects the authentication request to the SAM Authentication Portal. The Authentication Portal s User Identification window opens. 2. John enters his username, and clicks OK. An OTP is sent as an SMS to John s mobile device, and the SAM Authentication Portal s Authentication window opens. 32

33 3. John copies the OTP from his mobile device display, together with his OTP PIN if required, to the OTP Authentication Code field, and clicks OK. If the credentials are accepted, a message is displayed. John is redirected to the SA portal. 33

34 4. John clicks the OWA 2010 link. John is automatically authenticated to his OWA account. 34

35 Troubleshooting Problem Possible cause Solution The SAM Authentication Portal does not open An error message is displayed: Verification cert not available, Signature has no X509Cert An error message is displayed: Unknown issuer value in response An error message is displayed: Your system configuration is incorrect. Contact your administrator. The URL entered is not correct. The Identity Provider Single Sign On Service URL is not correct. The Response Signing Certificate in the authentication server is incorrect or missing. The Identity Provider Entity Id and the SAM Issuer do not match. The Application Issuer in the TPO is incorrect. Ensure that the URL entered is correct. In the SA configuration, ensure that the Identity Provider Single Sign On Service URL is correct. Export the signing certificate using SAM Configuration Manager, and import it again in the SA configuration s Authentication Server page. Ensure that the Identity Provider Entity Id in the SA configuration s Authentication Server page, and the SAM Issuer in the TPO are identical. Enter the correct Application Issuer in the TPO setting. After logon, an error message is displayed: The page you requested could not be found After logon, an error message is displayed: Schema validation failed for response. Audience must have TextContent An error message is displayed: Cloud portal authentication is not configured. Please contact your administrator. The Application s login URL in the TPO is incorrect. The Audience URI in the TPO is not enabled or is empty. Context-based authentication was not configured correctly. Enter the correct Application s login URL in the TPO. Enable the Audience URI option in the TPO, and enter a value. Configure context-based authentication in the TPO. 35

36 An error message is displayed: The authentication service has determined that this logon request has originated from a suspicious source. Please contact your administrator. The conditions of this contextbased authentication attempt are defined as a higher risk level, for which authentication is Blocked. The company may choose to re-evaluate its rules and risk levels for each group to determine if they are appropriate. 36

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide Protecting Juniper SA using Certificate-Based Authentication Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.

More information

Microsoft Office 365 Using SAML Integration Guide

Microsoft Office 365 Using SAML Integration Guide Microsoft Office 365 Using SAML Integration Guide Revision A Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.

More information

Cloud Authentication. Getting Started Guide. Version 2.1.0.06

Cloud Authentication. Getting Started Guide. Version 2.1.0.06 Cloud Authentication Getting Started Guide Version 2.1.0.06 ii Copyright 2011 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.

More information

SafeNet Authentication Service

SafeNet Authentication Service SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep

More information

SafeNet Authentication Manager 8.2 and Windows Azure. Quick Start Guide

SafeNet Authentication Manager 8.2 and Windows Azure. Quick Start Guide SafeNet Authentication Manager 8.2 and Windows Azure Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate. SafeNet,

More information

SafeNet Authentication Manager

SafeNet Authentication Manager SafeNet Authentication Manager TECHNICAL BRIEF Using SafeNet Authentication Manager as Identity Provider for AirWatch Contents Description... 2 Single Sign-On Dataflow... 2 Identity Provider Configuration...

More information

Integration Guide. SafeNet Authentication Manager. Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1

Integration Guide. SafeNet Authentication Manager. Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1 SafeNet Authentication Manager Integration Guide Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright

More information

Juniper SSL VPN Authentication QUICKStart Guide

Juniper SSL VPN Authentication QUICKStart Guide Juniper SSL VPN Authentication QUICKStart Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights

More information

Deploying SSTP using OTP

Deploying SSTP using OTP Deploying SSTP using OTP Version TBD How-To Guide June 2011 Copyright 2010 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.

More information

SAML Authentication Quick Start Guide

SAML Authentication Quick Start Guide SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.

More information

Cisco ASA Authentication QUICKStart Guide

Cisco ASA Authentication QUICKStart Guide Cisco ASA Authentication QUICKStart Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights reserved.

More information

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO

More information

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365 Configuring Single Sign-On from the VMware Identity Manager Service to Office 365 VMware Identity Manager JULY 2015 V1 Table of Contents Overview... 2 Passive and Active Authentication Profiles... 2 Adding

More information

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations

More information

Configuring IBM Cognos Controller 8 to use Single Sign- On

Configuring IBM Cognos Controller 8 to use Single Sign- On Guideline Configuring IBM Cognos Controller 8 to use Single Sign- On Product(s): IBM Cognos Controller 8.2 Area of Interest: Security Configuring IBM Cognos Controller 8 to use Single Sign-On 2 Copyright

More information

Single Sign On for ShareFile with NetScaler. Deployment Guide

Single Sign On for ShareFile with NetScaler. Deployment Guide Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents

More information

Implementation Guide for protecting. Microsoft Internet Security 2006 and. Microsoft OWA 2007. with. BlackShield ID

Implementation Guide for protecting. Microsoft Internet Security 2006 and. Microsoft OWA 2007. with. BlackShield ID Implementation Guide for protecting Microsoft Internet Security 2006 and Microsoft OWA 2007 with BlackShield ID Copyright 2009 CRYPTOCard Inc. http:// www.cryptocard.com Copyright Copyright 2009, CRYPTOCard

More information

Juniper Networks Secure Access Kerberos Constrained Delegation

Juniper Networks Secure Access Kerberos Constrained Delegation Juniper Networks Secure Access Kerberos Constrained Delegation Release 6.4 CONTENT 1. BACKGROUND...3 2. SETTING UP CONSTRAINED DELEGATION...5 2.1 ACTIVE DIRECTORY CONFIGURATION...5 2.1.1 Create a Kerberos

More information

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x Sverview Trust between SharePoint 2010 and ADFS 2.0 Use article Federated Collaboration with Shibboleth 2.0 and SharePoint 2010 Technologies

More information

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID Implementation Guide for Juniper SSL VPN SSO with OWA with BlackShield ID Copyright 2009 CRYPTOCard Inc. http:// www.cryptocard.com Copyright Copyright 2009, CRYPTOCard All Rights Reserved. No part of

More information

Integration Guide. SafeNet Authentication Service. Using SAS SAML-based Authentication with Citrix NetScaler Gateway 10.1

Integration Guide. SafeNet Authentication Service. Using SAS SAML-based Authentication with Citrix NetScaler Gateway 10.1 SafeNet Authentication Service Integration Guide Using SAS SAML-based Authentication with Citrix NetScaler Gateway 10.1 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright

More information

TIB 2.0 Administration Functions Overview

TIB 2.0 Administration Functions Overview TIB 2.0 Administration Functions Overview Table of Contents 1. INTRODUCTION 4 1.1. Purpose/Background 4 1.2. Definitions, Acronyms and Abbreviations 4 2. OVERVIEW 5 2.1. Overall Process Map 5 3. ADMINISTRATOR

More information

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Table of Contents Introduction.... 3 Requirements.... 3 Horizon Workspace Components.... 3 SAML 2.0 Standard.... 3 Authentication

More information

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access

More information

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0

Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0 Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0 May 2015 About this guide Prerequisites and requirements NetWeaver configuration Legal notices About

More information

Tenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.

Tenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved. Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,

More information

SafeNet Authentication Service

SafeNet Authentication Service SafeNet Authentication Service Push OTP Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have

More information

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

Welcome Guide for MP-1 Token for Microsoft Windows

Welcome Guide for MP-1 Token for Microsoft Windows Welcome Guide for MP-1 Token for Microsoft Windows Protecting Your On-line Identity Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made

More information

Deploying CTERA Agent via Microsoft Active Directory and Single Sign On. Cloud Attached Storage. September 2015 Version 5.0

Deploying CTERA Agent via Microsoft Active Directory and Single Sign On. Cloud Attached Storage. September 2015 Version 5.0 Deploying CTERA Agent via Microsoft Active Directory and Single Sign On Cloud Attached Storage September 2015 Version 5.0 Copyright 2009-2015 CTERA Networks Ltd. All rights reserved. No part of this document

More information

IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS

IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more

More information

SAM 8.0 Backup and Restore Guide. SafeNet Integration Guide

SAM 8.0 Backup and Restore Guide. SafeNet Integration Guide SAM 8.0 Backup and Restore Guide SafeNet Integration Guide Revision A November 2012 SAM 8.0 Backup and Restore Guide - SafeNet Integration Guide Introduction Copyright 2012 SafeNet, Inc. All rights reserved.

More information

Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta

Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta Configuration Guide Product Release Document Revisions Published Date 1.0 1.0 May 2016 Pulse Secure, LLC 2700 Zanker Road, Suite 200 San

More information

T his feature is add-on service available to Enterprise accounts.

T his feature is add-on service available to Enterprise accounts. SAML Single Sign-On T his feature is add-on service available to Enterprise accounts. Are you already using an Identity Provider (IdP) to manage logins and access to the various systems your users need

More information

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007 DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007 With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations

More information

Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications

Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications Configuring Single Sign-on from the VMware Identity Manager Service to AirWatch Applications VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to AirWatch Applications

More information

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services 1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided

More information

ACTIVID APPLIANCE AND MICROSOFT AD FS

ACTIVID APPLIANCE AND MICROSOFT AD FS ACTIVID APPLIANCE AND MICROSOFT AD FS SAML 2.0 Channel Integration Handbook ActivID Appliance 7.2 July 2013 Released Document Version 1.0 hidglobal.com Table of Contents 1.0 Introduction...3 1.1 Scope

More information

CA Nimsoft Service Desk

CA Nimsoft Service Desk CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation

More information

ADFS Integration Guidelines

ADFS Integration Guidelines ADFS Integration Guidelines Version 1.6 updated March 13 th 2014 Table of contents About This Guide 3 Requirements 3 Part 1 Configure Marcombox in the ADFS Environment 4 Part 2 Add Relying Party in ADFS

More information

Egnyte Single Sign-On (SSO) Installation for OneLogin

Egnyte Single Sign-On (SSO) Installation for OneLogin Egnyte Single Sign-On (SSO) Installation for OneLogin To set up Egnyte so employees can log in using SSO, follow the steps below to configure OneLogin and Egnyte to work with each other. 1. Set up OneLogin

More information

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx

Configuring Single Sign-on from the VMware Identity Manager Service to WebEx Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents

More information

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace INTEGRATION GUIDE DIGIPASS Authentication for VMware Horizon Workspace Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';

More information

DualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

DualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved. DualShield Integration Guide Copyright 2011 Deepnet Security Limited Copyright 2011, Deepnet Security. All Rights Reserved. Page 1 Trademarks Deepnet Unified Authentication, MobileID, QuickID, PocketID,

More information

Copyright Pivotal Software Inc, 2013-2015 1 of 10

Copyright Pivotal Software Inc, 2013-2015 1 of 10 Table of Contents Table of Contents Getting Started with Pivotal Single Sign-On Adding Users to a Single Sign-On Service Plan Administering Pivotal Single Sign-On Choosing an Application Type 1 2 5 7 10

More information

Strong Authentication for Juniper Networks SSL VPN

Strong Authentication for Juniper Networks SSL VPN Strong Authentication for Juniper Networks SSL VPN with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard

More information

SafeNet Authentication Service

SafeNet Authentication Service SafeNet Authentication Service Integration Guide Using SafeNet Authentication Service as an Identity Provider for Google Apps All information herein is either public information or is the property of and

More information

PingFederate. IWA Integration Kit. User Guide. Version 3.0

PingFederate. IWA Integration Kit. User Guide. Version 3.0 PingFederate IWA Integration Kit Version 3.0 User Guide 2012 Ping Identity Corporation. All rights reserved. PingFederate IWA Integration Kit User Guide Version 3.0 April, 2012 Ping Identity Corporation

More information

USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4

USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4 USER GUIDE WWPass Security for Email (Outlook) For WWPass Security Pack 2.4 March 2014 TABLE OF CONTENTS Chapter 1 Welcome... 4 Introducing WWPass Security for Email (Outlook)... 5 Supported Outlook Products...

More information

SAML Single-Sign-On (SSO)

SAML Single-Sign-On (SSO) C O L A B O R A T I V E I N N O V A T I O N M A N A G E M E N T Complete Feature Guide SAML Single-Sign-On (SSO) 1. Features This feature allows administrators to setup Single Sign-on (SSO) integration

More information

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents

More information

Microsoft IAS and NPS Agent Configuration Guide

Microsoft IAS and NPS Agent Configuration Guide Microsoft IAS and NPS Agent Configuration Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Agent IAS and NPS (Microsoft) Configuration

More information

Implementation Guide for protecting

Implementation Guide for protecting Implementation Guide for protecting Remote Web Workplace (RWW) Outlook Web Access (OWA) 2003 SharePoint 2003 IIS Web Sites with BlackShield ID Copyright 2010 CRYPTOCard Inc. http:// www.cryptocard.com

More information

OneLogin Integration User Guide

OneLogin Integration User Guide OneLogin Integration User Guide Table of Contents OneLogin Account Setup... 2 Create Account with OneLogin... 2 Setup Application with OneLogin... 2 Setup Required in OneLogin: SSO and AD Connector...

More information

SAML 2.0 SSO Deployment with Okta

SAML 2.0 SSO Deployment with Okta SAML 2.0 SSO Deployment with Okta Simplify Network Authentication by Using Thunder ADC as an Authentication Proxy DEPLOYMENT GUIDE Table of Contents Overview...3 The A10 Networks SAML 2.0 SSO Deployment

More information

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server INTEGRATION GUIDE DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is

More information

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

HOTPin Integration Guide: Google Apps with Active Directory Federated Services HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as

More information

Enabling Single Sign- On for Common Identity using F5

Enabling Single Sign- On for Common Identity using F5 Enabling Single Sign- On for Common Identity using F5 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS

More information

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates Entrust Managed Services Entrust Managed Services PKI Configuring secure LDAP with Domain Controller digital certificates Document issue: 1.0 Date of issue: October 2009 Copyright 2009 Entrust. All rights

More information

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them. This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and

More information

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief Guide Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief October 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 21 Contents

More information

TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual

TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual TIBCO Spotfire Web Player 6.0 Installation and Configuration Manual Revision date: 12 November 2013 Important Information SOME TIBCO SOFTWARE EMBEDS OR BUNDLES OTHER TIBCO SOFTWARE. USE OF SUCH EMBEDDED

More information

Entrust Managed Services PKI

Entrust Managed Services PKI Entrust Managed Services PKI Entrust Managed Services PKI Windows Smart Card Logon Configuration Guide Using Web-based applications Document issue: 1.0 Date of Issue: June 2009 Copyright 2009 Entrust.

More information

Installation and Configuration Guide

Installation and Configuration Guide Installation and Configuration Guide BlackBerry Resource Kit for BlackBerry Enterprise Service 10 Version 10.2 Published: 2015-11-12 SWD-20151112124827386 Contents Overview: BlackBerry Enterprise Service

More information

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1 PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity

More information

SafeNet Authentication Client (Windows)

SafeNet Authentication Client (Windows) SafeNet Authentication Client (Windows) Version 8.1 SP1 Revision A User s Guide Copyright 2011 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess SafeNet Authentication Service Integration Guide SAS Using RADIUS Protocol with Microsoft DirectAccess Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet,

More information

SAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS

SAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS SAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS Applies to: SAP Gateway 2.0 Summary This guide describes how you install and configure SAML 2.0 on Microsoft ADFS server and SAP NetWeaver

More information

Security Assertion Markup Language (SAML) Site Manager Setup

Security Assertion Markup Language (SAML) Site Manager Setup Security Assertion Markup Language (SAML) Site Manager Setup Trademark Notice Blackboard, the Blackboard logos, and the unique trade dress of Blackboard are the trademarks, service marks, trade dress and

More information

SAM Backup and Restore Guide. SafeNet Integration Guide

SAM Backup and Restore Guide. SafeNet Integration Guide SAM Backup and Restore Guide SafeNet Integration Guide April 2011 Introduction Copyright 2011 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete

More information

PingFederate. IWA Integration Kit. User Guide. Version 2.6

PingFederate. IWA Integration Kit. User Guide. Version 2.6 PingFederate IWA Integration Kit Version 2.6 User Guide 2012 Ping Identity Corporation. All rights reserved. PingFederate IWA Integration Kit User Guide Version 2.6 March, 2012 Ping Identity Corporation

More information

Sharepoint server SSO

Sharepoint server SSO Configuring g on-premise Sharepoint server SSO Chapter 99 You can now provide single sign-on to your on-premise Sharepoint server applications. This section includes the following topics: "An overview

More information

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Reference and Troubleshooting: FTP, IIS, and Firewall Information APPENDIXC Reference and Troubleshooting: FTP, IIS, and Firewall Information Although Cisco VXC Manager automatically installs and configures everything you need for use with respect to FTP, IIS, and the

More information

VMware Identity Manager Integration with Active Directory Federation Services 2.0

VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager J ULY 2015 V 2 Table of Contents Active Directory Federation Services... 2 Configuring AD FS Instance

More information

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House

More information

Integration Package for Microsoft Office SharePoint3

Integration Package for Microsoft Office SharePoint3 Panorama NovaView 5 Integration Package for Microsoft Office SharePoint3 About the Integration package Release Notes This package applies to the Panorama NovaView Server and the Microsoft office SharePoint3.

More information

Strong Authentication for Juniper Networks

Strong Authentication for Juniper Networks Strong Authentication for Juniper Networks SSL VPN SSO and OWA with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright

More information

SAML Authentication with BlackShield Cloud

SAML Authentication with BlackShield Cloud SAML Authentication with BlackShield Cloud Powerful Authentication Management for Service Providers and Enterprises Version 3.1 Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCARD

More information

Deploying RSA ClearTrust with the FirePass controller

Deploying RSA ClearTrust with the FirePass controller Deployment Guide Deploying RSA ClearTrust with the FirePass Controller Deploying RSA ClearTrust with the FirePass controller Welcome to the FirePass RSA ClearTrust Deployment Guide. This guide shows you

More information

Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008

Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008 Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008 Nature of Document: Guideline Product(s): IBM Cognos Express Area of Interest: Infrastructure 2 Copyright and Trademarks Licensed Materials

More information

VMware Identity Manager Administration

VMware Identity Manager Administration VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

McAfee One Time Password

McAfee One Time Password McAfee One Time Password Integration Module Outlook Web App 2010 Module version: 1.3.1 Document revision: 1.3.1 Date: Feb 12, 2014 Table of Contents Integration Module Overview... 3 Prerequisites and System

More information

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview) Chapter 83 WebEx This chapter includes the following sections: An overview of configuring WebEx for single sign-on Configuring WebEx for SSO Configuring WebEx in Cloud Manager For more information about

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Administration guide version 1.0.1 Publication history Date Description Revision 2015.09.24 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On How to implement the X.509 certificate based Single Sign-On solution from SAP Page 2 of 34 How to

More information

etoken PKI Client (Windows) User s Guide Version 5.1 Revision B

etoken PKI Client (Windows) User s Guide Version 5.1 Revision B etoken PKI Client (Windows) User s Guide Version 5.1 Revision B All attempts have been made to make the information in this document complete and accurate. Aladdin is not responsible for any direct or

More information

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server INTEGRATION GUIDE DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document

More information

Egnyte Single Sign-On (SSO) Installation for Okta

Egnyte Single Sign-On (SSO) Installation for Okta w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Installation for Okta To set up Egnyte so employees can log in using SSO, follow the steps below to configure Okta and Egnyte to work with each other.

More information

McAfee Cloud Identity Manager

McAfee Cloud Identity Manager SAML2 Cloud Connector Guide McAfee Cloud Identity Manager version 1.2 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed,

More information

SAS Token Validator Proxy Agent Configuration Guide

SAS Token Validator Proxy Agent Configuration Guide SAS Token Validator Proxy Agent Configuration Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2014 SafeNet, Inc. All rights

More information

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview)

An overview of configuring WebEx for single sign-on. To configure the WebEx application for single-sign on from the cloud service (an overview) Chapter 190 WebEx This chapter includes the following sections: "An overview of configuring WebEx for single sign-on" on page 190-1600 "Configuring WebEx for SSO" on page 190-1601 "Configuring WebEx in

More information

Two-Factor Authentication

Two-Factor Authentication Two-Factor Authentication IT Professional & Customer Service Desk Feature Guide Two-Factor Authentication for Exchange Online Office 365 Dedicated & ITAR-Support Plans April 26, 2013 The information contained

More information

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014 DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014 Contents Overview... 2 System requirements:... 2 Before installing... 3 Download and installation... 3 Configure DESLock+ Enterprise Server...

More information

Section 1, Configuring Access Manager, on page 1 Section 2, Configuring Office 365, on page 4 Section 3, Verifying Single Sign-On Access, on page 5

Section 1, Configuring Access Manager, on page 1 Section 2, Configuring Office 365, on page 4 Section 3, Verifying Single Sign-On Access, on page 5 Configuring Single Sign-On For Office 365 Services NetIQ Access Manager is compatible with Microsoft Office 365 and provides single sign-on access to Office 365 services. Single sign-on access is supported

More information

LDAP Synchronization Agent Configuration Guide

LDAP Synchronization Agent Configuration Guide LDAP Synchronization Agent Configuration Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights

More information

Secure Mobile Access Using F5 BIG-IP and IBM MaaS360

Secure Mobile Access Using F5 BIG-IP and IBM MaaS360 Partner Use Cases Secure Mobile Access Using F5 BIG-IP and IBM MaaS360 February 2016 1 Table of Contents Introduction... 3 Technology Brief... 3 F5 BIG-IP Access Policy Manager... 3 IBM MaaS360 Enterprise

More information

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS) w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS) To set up ADFS so that your employees can access Egnyte using their ADFS credentials,

More information