StoneGate SSL VPN Technical Note 2086. Setting up ActiveSync



Similar documents
StoneGate SSL VPN Technical Note Adding Bundled Certificates

StoneGate SSL VPN Technical Note Setting Up WPA Authentication

StoneGate SSL VPN Technical Note Setting Up Sygate On-Demand

StoneGate SSL VPN Technical Note Setting Up SSO with Citrix Presentation Server

StoneGate SSL VPN Technical Note Setting Up BankID

Remote Firewall Deployment

Using Microsoft Active Directory Server and IAS Authentication

Technical Brief ActiveSync Configuration for WatchGuard SSL 100

VPNC Interoperability Profile

StoneGate Firewall/VPN How-To Evaluating StoneGate FW/VPN in VMware Workstation

Release Notes for Version

StoneGate IPsec VPN Client Release Notes for Version 4.3.0

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

RELEASE NOTES. StoneGate Firewall/VPN v for IBM zseries

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

CA Nimsoft Service Desk

Installing and Configuring vcloud Connector

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

VPN CLIENT USER S GUIDE

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

TIBCO Spotfire Web Player 6.0. Installation and Configuration Manual

Check Point FDE integration with Digipass Key devices

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N REV A01 January 14, 2011

Sophos Mobile Control as a Service Startup guide. Product version: 3.5

Microsoft Dynamics GP. Workflow Installation Guide Release 10.0

Sophos Mobile Control Installation guide. Product version: 3

GRAVITYZONE HERE. Deployment Guide VLE Environment

Configuration Guide. SafeNet Authentication Service AD FS Agent

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

Hosted Microsoft Exchange Client Setup & Guide Book


DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Installation Guide. SafeNet Authentication Service

INTEGRATION GUIDE. DIGIPASS Authentication for F5 FirePass

Strong Authentication for Juniper Networks SSL VPN

DameWare Server. Administrator Guide

Hosted Microsoft Exchange Client Setup & Guide Book

Installing and Configuring vcloud Connector

Symantec Managed PKI. Integration Guide for ActiveSync

SafeNet Cisco AnyConnect Client. Configuration Guide

Dell One Identity Cloud Access Manager Installation Guide

Microsoft Dynamics GP Release

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

SafeNet Authentication Service

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

Strong Authentication for Juniper Networks

Configuring TLS Security for Cloudera Manager

INTEGRATION GUIDE. DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter

Installation and Configuration Guide


Secure Web Service - Hybrid. Policy Server Setup. Release Manual Version 1.01

Installing and Configuring vcenter Support Assistant

SolarWinds Technical Reference

INTEGRATION GUIDE. DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

Sophos Mobile Control Installation guide. Product version: 3.5

Microsoft Exchange 2010 and 2007

Contents Notice to Users

VMware Identity Manager Administration

Web Remote Access. User Guide

RoomWizard Synchronization Software Manual Installation Instructions

CERTIFICATE-BASED SINGLE SIGN-ON FOR EMC MY DOCUMENTUM FOR MICROSOFT OUTLOOK USING CA SITEMINDER

M86 Web Filter USER GUIDE for M86 Mobile Security Client. Software Version: Document Version:

1.6 HOW-TO GUIDELINES

Generating an Apple Push Notification Service Certificate

INTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE)

CA NetQoS Performance Center

ECA IIS Instructions. January 2005

Omniquad Exchange Archiving

TelePresence Migrating TelePresence Management Suite (TMS) to a New Server

Strong Authentication for Microsoft TS Web / RD Web

FortiAuthenticator Agent for Microsoft IIS/OWA. Install Guide

Stonesoft Firewall/VPN 5.4 Windows Server 2008 R2

GTA SSO Auth. Single Sign-On Service. Tel: Fax Web:

Intel Active Management Technology with System Defense Feature Quick Start Guide

Application Note. Gemalto s SA Server and OpenLDAP

Trustwave SEG Cloud Customer Guide

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06

Dialogic 4000 Media Gateway Series as a Survivable Branch Appliance for Microsoft Lync Server 2010

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Deploying RSA ClearTrust with the FirePass controller

AVG Business SSO Connecting to Active Directory

Citrix XenServer Workload Balancing Quick Start. Published February Edition

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

USER GUIDE WWPass Security for Windows Logon

PingFederate. Identity Menu Builder. User Guide. Version 1.0

Content Filtering Client Policy & Reporting Administrator s Guide

Mobile Device Management Version 8. Last updated:

Setting Up Resources in VMware Identity Manager

CA Performance Center

INTEGRATION GUIDE. DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server

VERITAS Backup Exec TM 10.0 for Windows Servers

Symantec Enterprise Vault

Lepide Exchange Recovery Manager

DIGIPASS CertiID. Getting Started 3.1.0

NSi Mobile Installation Guide. Version 6.2

Integration Guide. SafeNet Authentication Service. Using SAS with Web Application Proxy. Technical Manual Template

Transcription:

StoneGate SSL VPN Technical Note 2086 Setting up ActiveSync

Table of Contents Introduction................................... page 3 Overview..................................... page 3 Enabling Device Control.......................... page 3 Appendix A: Editing the Logon Template............... page 8 Appendix B: Creating a Self-Signed SSL Certificate....... page 9 Feedback..................................... page 9 Table of Contents 2

Introduction This technical note describes how to set up secure ActiveSync connectivity through a StoneGate SSL VPN appliance. This document covers the configuration steps on the mobile device and in the StoneGate SSL VPN Administrator. Refer to Microsoft documentation for a description on how to enable ActiveSync on the Exchange server. Prerequisites Your StoneGate SSL VPN must have software version 1.1 or later. The Microsoft Exchange infrastructure must be configured to allow ActiveSync connections. This document does not describe the steps needed to configure the Exchange infrastructure. This technical note assumes a thorough understanding of StoneGate SSL VPN administration. Please use the information provided in the section Further Reading to gain the required knowledge. Further Reading More information on StoneGate SSL VPN configuration can be found in the StoneGate SSL VPN Administrator s Guide, the Online Help, and the Technical Note repository provided with the product. Another source of information is the Stonesoft Support site, which can be found at http://www.stonesoft.com/support/. For more information on related subjects, visit http://support.microsoft.com. Overview Because Mobile devices and the ActiveSync client provide very limited authentication capabilities, some specific configuration is required to successfully authenticate and connect ActiveSync devices. Each configuration step is described in detail in this technical note. The steps are: 1. Enable device control. 2. Add an additional listener on the StoneGate appliance. 3. Activate a basic authentication mechanism. 4. Activate Device Lock (optional). 5. Add the Outlook Mobile Access web resource. 6. Configure the ActiveSync client on the mobile device. Note All configuration is done through the StoneGate SSL VPN Administrator if not stated otherwise. Enabling Device Control Defining a New Device Type for ActiveSync Devices The ActiveSync client on the mobile device does not support authentication through HTML forms, therefore you must define a new device type that supports only Basic Authentication. The ActiveSync clients are identified by the client s HTTP request header. To define ActiveSync device type 1. Select Manage System in the main menu and click Device Definitions in the left-hand menu. 2. Click the Add Device Definition link. 3. Enter display name. 4. In the Definition text field, add: uri=*microsoft-server-activesync* 5. Click Save. Introduction 3

Note Remove the pre-configured device definition WAP Phone if it is not used. Otherwise, some mobile devices will be recognized as WAP enabled phones instead of ActiveSync enabled clients. 6. Select Manage Resource Access in the main menu and click Global Resource Settings in the left-hand menu. 7. Click the Client Access tab and then click the Add Device Settings link. 8. Select the device you created for ActiveSync and check both The device cannot authenticate using HTLM or WML forms and The device does not support cookies. 9. Click Add then click Save. Adding an Additional Listener Adding an IP Address Mobile devices based on Microsoft Mobile do not accept wildcard SSL certificates. Instead, a name-specific SSL certificate is needed on the StoneGate appliance (for example, myserver.example.com). However, to fully support DNS based link translation (for standard web applications), the StoneGate appliance must have a wildcard certificate installed (for example, *.example.com). The recommended configuration is therefore to use a wildcard certificate on the main listener and create an additional listener with a name-specific certificate. To create a new listener for the ActiveSync devices, an additional IP address must be specified. To add an additional IP address to the network interface 1. Log in to the basic Web console on the appliance by either connecting a computer directly to the eth0 interface and accessing address https://192.168.100.1:10000 or by launching the service through the Application portal, if you have defined the Web console as a resource in the portal. 2. In the main menu on the left, select Networking and then Network Configuration. The main network configuration page is displayed. 3. Click the Network Interfaces icon. The existing interface definitions are shown. 4. Under Interfaces Activated at Boot Time at the top, click the correct interface for the listener. The interface details are displayed. 5. Click the Add Virtual Interfaces link at the bottom right corner of the settings table displayed. 6. Fill in the new IP address details and click Create and Apply to save and activate the new IP address. Defining and Mapping a New DNS Name To define a new DNS name and map it to the additional IP address 1. Still in the Web console, under Networking category in the menu on the left, select Network Configuration. 2. On the right, click the Hostname and DNS client icon. 3. Register a new fully qualified host name. This DNS name must be the same as the DNS name used in the name specific SSL certificate. Map the DNS name to the additional IP address you defined. 4. Make sure that the new DNS name is resolvable in the external DNS servers. 5. Log out of the Web console. The rest of the configuration is done in the StoneGate SSL VPN Administrator. 6. In the StoneGate SSL VPN Administrator, select Manage Resource Access in the main menu and click Global Resource Settings in the left-hand menu. 7. Click on the DNS name pool tab and click on the Add DNS name for Access Point link. 8. If not already configured, enter the main DNS name used to access the Application portal. This is usually different than the DNS name that you defined in step 3. 9. Click Add. 10.Click Add DNS name to pool. 11.Enter the DNS name you want to use for the ActiveSync devices. This is the DNS name you defined in step 3. 12.Click Add and then click Save. Enabling Device Control 4

Upload a Name-Specific SSL Server Certificate The common name in the SSL server certificate must match the DNS name used to connect ActiveSync clients. If you choose to buy a certificate from an external certificate authority, make sure that the CA is trusted by the mobile devices you intend to use. If you choose to create your own SSL certificate (as described in Appendix B: Creating a Self-Signed SSL Certificate on page 9), you must import the certificate as trusted root on every mobile device. Please note that some devices do not require a trusted server certificate, on those devices it is not required to import the certificate as trusted root. To upload a name-specific SSL Server Certificate 1. Select Manage System in the main menu and click Certificates in the left-hand menu. 2. If the server certificate is provided by an external Certificate Authority, any Intermediate CA certificates delivered by the Certificate Authority must be uploaded so that the StoneGate appliance can provide a trusted certificate path to the connecting clients. To upload an intermediate CA certificate: 2.1 Click Add Certificate Authority. 2.2 Enter display name and click Browse to upload the certificate file. 2.3 Select the option No certificate revocation should be performed. 2.4 Click Finish Wizard. 3. To upload a new server certificate, click Add Server Certificate. 4. Enter display name and click Browse to upload the certificate file. 5. Click Browse to upload the private key file and enter the private key password if the private key is encrypted. 6. Check the checkbox(es) for the corresponding intermediate CA certificate(s), if any. Note The certificate must be a PEM formatted file and the private key must be formatted as a PEM or DER encoded PKCS#8 file. See the Administrator s Guide for instructions on how to import certificates. Create an additional Access Point listener To create an additional listener 1. Select Manage System in the main menu and click Access Points in the left-hand menu. 2. Click Display Name for the Access Point. 3. Click Add Additional Listener. 4. Configure the Additional Listener General Settings: Parameter Host Value The Access Point additional IP address Port 443 Sandbox Port 443 Server Certificate Type A DNS name-specific SSL certificate Web 5. Click Update then click Save. Activate a Basic Authentication Mechanism The ActiveSync client is only capable of doing basic authentication with a static username and password. For this reason, StoneGate must be configured to enforce basic authentication for this particular resource. Basically any authentication mechanism can be used that is based on username and password, including StoneGate Password, Active Directory, LDAP and RADIUS based authentication services. To get the best user experience we recommend to use an authentication service that is connected to the Active Directory, so that Single Sign-On can be enabled for the end-users. This document describes a configuration where the StoneGate Password authentication mechanism is used to enforce basic authentication for the ActiveSync users. To enable Single Sign-On, StoneGate Password must be configured to integrate with the Active Directory user storage. Enabling Device Control 5

Create a New Single Sign-On Domain Note If you already have configured an SSO domain for the Active Directory user credentials you can skip this step. To create a new single sign-on domain 1. Select Manage Resource Access in the main menu and click SSO Domains in the left-hand menu. 2. Click on the Add SSO Domain link. 3. Enter a display name and click Next. 4. Click Add Domain Attribute to add the following domain attributes: Attribute Name Attribute Restriction Referenced By Value User name Editable User Input Password Editable User Input Domain Locked Static <your domain> 5. Click Next. 6. Protect the SSO domain with Any Authentication then click Next. 7. Click Finish Wizard. Enable the StoneGate Password Authentication Mechanism Here, we describe how to use the StoneGate password authentication mechanism to authenticate the ActiveSync users. However, any username/password based authentication method can be used that integrates to the Active Directory storage. StoneGate Password authentication mechanism is enabled by default. If you have disabled StoneGate Password, reenable it as described below. If StoneGate Password is enabled in the system, make sure it has the Save Credentials for SSO domain extended property configured (see the relevant parts of the instructions below). To enable StoneGate Password authentication 1. Select Manage System in the main menu and click Authentication Methods in the left-hand menu. 2. Click the Add Authentication Method link. 3. Select StoneGate Password and click Next. 4. Enter a display name and click Add Authentication Method Server. 5. Select the internal Authentication Server and click Next. 6. Click Next then click Next again. 7. Click the Add Extended Property link. 8. Add the Save credentials for SSO domain extended property from the list. 9. Enter your SSO domain s display name in the Value field and click Next. 10.Click Finish Wizard. Enable StoneGate Password for All New Users Make sure that all ActiveSync users have the StoneGate Password authentication method enabled, and that Use password from directory service is enabled for StoneGate Password. For existing users, these settings are configured on a per-user basis. To streamline configuration of new users, these settings can be pre-configured in the Global User Account Settings: Pre-configuring global user account settings 1. Select Manage Accounts and Storage in the main menu and click Global User Account Settings in the lefthand menu. 2. Click the User Linking tab. 3. Enable Manual user linking and/or automatic user linking. New options appear below. 4. Click Enable StoneGate Password. New options appear below. 5. Deselect the Generate Password option. Enabling Device Control 6

6. Enable the Use password from directory service option. 7. Click Save. Note Global User Account Settings applies only to new users. Properties of existing users are not changed when the global settings are adjusted. Activate Device Lock The ActiveSync Device Lock is an optional feature that you can activate according to your judgement. The feature is designed to address the issue with lost or stolen mobile devices. When an ActiveSync client connects through StoneGate, a unique device identifier is passed as part of the SSL encrypted data. This ID is automatically associated to the particular user the first time he or she connects. If another user attempts to synchronize with this device, the connection is blocked. Furthermore, if a device with cached user credentials is lost or stolen, this device can easily be disabled for the particular user account, effectively blocking the device from any further access. To enable device lock 1. Select Manage System in the main menu and click Authentication Methods in the left-hand menu. 2. Select the StoneGate Password authentication mechanism and switch to the Extended Property tab. 3. Click the Add Extended Property link. 4. Set the ActiveSync DeviceID Locking option to true. Note If your license does not include this feature, the Device ID extended property is not shown in the list. 5. Click Add then click Save. With ActiveSync Device ID enabled, each user that connects with an ActiveSync client and authenticates with StoneGate Password gets a new custom user attribute that contains the unique identifier of the device. Add the Outlook Mobile Access Web Resource Outlook Mobile Access (OMA) is a stripped down version of Outlook Web Access (OWA) and is included in Microsoft Exchange Server 2003. This document does not cover installation and configuration of the Microsoft Exchange environment. Refer to Microsoft for details on how to enable OMA functionality. Configuring the OMA Web Resource If Outlook Web Mail is already a published resource in StoneGate, this Web resource can in most cases be used for ActiveSync clients as well. To enable ActiveSync on an existing Outlook Web, it is sufficient to configure a new resource path to the existing Web resource host as explained in Configuring the ActiveSync Resource Path on page 7. If no Outlook Web Mail resource has been previously configured, the OMA resource host must first be configured before the ActiveSync resource path can be enabled. To configure the OMA Web resource 1. Select Manage Resource Access in the main menu and click Web Resources in the left-hand menu. 2. Click on the Add Web Resource Host link. 3. Enter a display name, description (optional), the IP address or hostname to the resource and HTTPS port 443. No HTTP port is required. 4. Click Enable Single Sign-on, specify Text based Single Sign-on and select your SSO domain from the list of SSO domains. 5. Disable the Make resource available in Application portal option. 6. Click Next. 7. Remove Any Authentication from Selected Access Rules. 8. Click Next then Finish Wizard. Configuring the ActiveSync Resource Path To configure the ActiveSync Resource Path 1. Select Manage Resource Access in the main menu and select your OWA or OMA resource. 2. Click the Add Resource Path link. Enabling Device Control 7

3. Enter Path = Microsoft-Server-ActiveSync 4. Disable the Make resource available in Application Portal option. 5. Disable the Use Parent Authentication option. 6. Click the Add Access Rule link. 7. Select Authentication method, then click Next. 8. Add StoneGate Password then click Next until you can click Finish Wizard. 9. Again, select the Outlook Web Mail resource and click Edit Resource Host. 10.Click Enable Single Sign-on, specify Text based Single Sign-on and select your SSO domain from the list of SSO domains. 11.Switch to the Advanced Settings tab. 12.Set Link Translation Type to Reserved DNS Mapping. 13.Set Mapped DNS name for HTTPS to the DNS name you defined for ActiveSync access. If HTTPS is also enabled for this resource, another DNS name must be selected for HTTP connections. If HTTP is not needed, disable HTTP by removing the port number from HTTP port under General Settings. 14. Click Save. 15.Click Publish to publish the configuration. Configure the ActiveSync Client The client-side configuration depends on the type of ActiveSync client used. This document describes how to configure the built-in ActiveSync client on a Microsoft Windows Mobile 5 device. To configure ActiveSync for Microsoft Windows Mobile 5 1. Start the ActiveSync application on the mobile device. 2. Choose Menu then Configure Server. 3. Enable This server requires an encrypted (SSL) connection. 4. In the Server address field, enter the DNS name you defined for the StoneGate listener. 5. Choose Sync to synchronize the device. The client should now connect to the mail server through the StoneGate SSL VPN appliance. When connecting for the first time, the user may be prompted for authentication. Appendix A: Editing the Logon Template If StoneGate Password is used only for mobile ActiveSync access, it should be removed from the standard login form. By default, all enabled authentication mechanisms are shown on the standard login page. To remove an authentication mechanism from the logon page without disabling the mechanism, edit the login form template _chooseautchmech.html. The file can be located through the Administration Service file browser (select Browse at the very top) in the folder /opt/portwise/administration-service/files/access-point/built-in-files/wwwroot/wa/ Note Do not edit the files directly in the /built-in-files/ subdirectory. Copy them as explained below before editing them. When editing a file, the first step is to copy the specific file(s) to the corresponding location under the /custom-files subdirectory. This guarantees that the files will not be overwritten during an upgrade. To copy the necessary files 1. Copy _chooseauthmech.html to the following location: /opt/portwise/administration-service/files/access-point/custom-files/wwwroot/wa/ 2. Edit _chooseauthmech.html. Find the section that reads: <!-- [#W:name] --> <p><a href="[$x:authpath]?authmech=[$x:name]">[$x:displayname]</a></p> <!-- [#/W] --> Change the section to: Appendix A: Editing the Logon Template 8

<!-- [#W:name] --> <script>if ("[$x:displayname]"!= "<StoneGate_Password_Display_Name>") { document.write ('<p><a href="[$x:authpath]?authmech=[$x:name]">[$x:displayname]</a></p>'); } </script> <!-- [#/W] --> Where <StoneGate_Password_Display_Name> is the display name of the authentication mechanism you want to hide. 3. Save the file. 4. Do a Save somewhere in the StoneGate SSL VPN Administrator to trigger the Publish button. 5. Click Publish to start using the changed configuration. Appendix B: Creating a Self-Signed SSL Certificate Some ActiveSync clients require a name-specific SSL certificate and can not handle wildcard certificates. Furthermore, to prevent SSL certificate warnings the name-specific certificate must match the server DNS name used by the ActiveSync client to connect to the StoneGate appliance. Therefore, in addition to the SSL certificate used on the Access Point main listener, the Access Point should have an additional server certificate tied to the additional listener created for the ActiveSync communication. For a production environment it is recommended to purchase a name-specific SSL certificate from a trusted Certificate Authority. Make sure to use a CA that is supported by the mobile devices you intend to use. To get up and running with a test or POC, with a limited number of clients, a self-signed SSL certificate may be used. Note Self-signed SSL certificates must be imported to every device to be usable. To create a self-signed certificate 1. Create a self-signed certificate with OpenSSL: $ openssl req -x509 -days 730 subj '/C=<your country>/st=<your state>/ L=<your city>/o=<your organization>/cn=<server DNS name>' -newkey rsa:1024 - keyout mykey.pem -out mycert.pem Substitute <your country>, <your state>, <your city>, <your company> and <server DNS name> to appropriate values. In this example, the certificate is saved to mycert.pem and the private key is stored encrypted in mykey.pem. 2. To review the output, use the following command: $ openssl x509 -text -in mycert.pem 3. Convert the private key to the PKCS#8 format: $ openssl pkcs8 -topk8 -in mykey.pem -out mykey.pk8 4. Upload the files mycert.pem and mykey.pk8 to the StoneGate appliance through the StoneGate SSL VPN Administrator. See the Administrator s Guide for instructions on how to upload server and CA certificates. Feedback Stonesoft is always interested in feedback from our users. For comments regarding Stonesoft s products, contact feedback@stonesoft.com. For comments regarding this technical note, contact documentation@stonesoft.com. Appendix B: Creating a Self-Signed SSL Certificate 9

Trademarks and Patents Stonesoft, the Stonesoft logo and StoneGate are all trademarks or registered trademarks of Stonesoft Corporation. Multi-link technology, multi-link VPN, and the StoneGate clustering technology-as well as other technologies included in StoneGate-are protected by patents or pending patent applications in the U.S. and other countries. All other trademarks or registered trademarks are property of their respective owners. SSL VPN Powered by PortWise Copyright and Disclaimer Copyright 2000 2008 Stonesoft Corporation. All rights reserved. These materials, Stonesoft products and related documentation are protected by copyright and other laws, international treaties and conventions. All rights, title and interest in the materials, Stonesoft products and related documentation shall remain with Stonesoft and its licensors. All registered or unregistered trademarks in these materials are the sole property of their respective owners. No part of this document or related Stonesoft products may be reproduced in any form, or by any means without written authorization of Stonesoft Corporation. Stonesoft provides these materials for informational purposes only. They are subject to change without notice and do not represent a commitment on the part of Stonesoft. Stonesoft assumes no liability for any errors or inaccuracies that may appear in these materials or for incompatibility between different hardware components, required BIOS settings, NIC drivers, or any NIC configuration issues. Use these materials at your own risk. Stonesoft does not warrant or endorse any third party products described herein. THESE MATERIALS ARE PROVIDED "AS-IS." STONESOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO, THE INFORMA- TION CONTAINED HEREIN. IN ADDITION, STONESOFT MAKES NO EXPRESS OR IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE WITH RESPECT THE INFORMATION CONTAINED IN THESE MATERIALS. IN NO EVENT SHALL STONESOFT BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL OR INCIDENTAL DAMAGES, INCLUD- ING, BUT NOT LIMITED TO, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING FROM THE USE OF THESE MATERIALS, EVEN IF ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH DAMAGES. SG_SVTN_2086_20080110 www.stonesoft.com Stonesoft Corp. Itälahdenkatu 22a FIN-00210 Helsinki Finland tel. +358 9 4767 11 fax +358 9 4767 1234 Business ID: 0837548-0 Domicile: Helsinki Stonesoft Inc. 1050 Crown Pointe Parkway Suite 900 Atlanta, GA 30338 USA tel. +1 770 668 1125 fax +1 770 668 1131 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information