Avaya Secure Remote Access User Manual, page 15
Secure Remote Access Technical Solution Guide v1.0
Design Recommendation: Use the single sign-on capability, but restrict the servers and domains to
which the VPN Gateway passes credentials, so that a non-approved host cannot capture user
passwords.
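The forwarding restriction above, as an added example that is not part of the Avaya guide and does not use its configuration syntax: a credential-forwarding policy for a web SSO proxy. Hostnames, the allowlist format (exact hosts, or a whole DNS domain written with a leading dot) and the use of HTTP Basic as the forwarded credential form are all assumptions of this example. The point it makes is that the check must be label-aware: a plain suffix test would let `evilintranet.corp.example` pass for `intranet.corp.example`.

```python
import base64
from urllib.parse import urlsplit

# Constructed allowlist (assumption, not an Avaya configuration format):
# exact hostnames, plus whole DNS domains written with a leading dot.
APPROVED_SSO_TARGETS = frozenset({"hr.corp.example", ".intranet.corp.example"})


def host_is_approved(host, approved=APPROVED_SSO_TARGETS):
    """Label-aware match: a domain entry covers the domain itself and every
    name under it. Because the entry keeps its leading dot, a look-alike
    such as 'evilintranet.corp.example' does not match."""
    if not host:
        return False
    host = host.lower().rstrip(".")          # case-fold, drop trailing dot
    for entry in approved:
        entry = entry.lower()
        if entry.startswith("."):
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False


def build_backend_request(url, username, password):
    """Headers the gateway would send upstream for this URL. The user's
    credentials are attached only for approved hosts, and only over HTTPS
    so they are never forwarded in cleartext (example policy choice)."""
    parts = urlsplit(url)
    headers = {"Host": parts.hostname or ""}
    if parts.scheme == "https" and host_is_approved(parts.hostname):
        token = base64.b64encode(f"{username}:{password}".encode()).decode()
        headers["Authorization"] = "Basic " + token
    return headers


if __name__ == "__main__":
    for target in ("https://hr.corp.example/login",
                   "https://app.intranet.corp.example/",
                   "https://evilintranet.corp.example/",
                   "http://hr.corp.example/login"):
        sent = "Authorization" in build_backend_request(target, "alice", "s3cret")
        print(f"{target:45} credentials forwarded: {sent}")
```

The request that fails the check still goes out, just without the `Authorization` header, so the user reaches non-approved hosts but those hosts never see the VPN credentials.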
When a token-based two-factor authentication system with one-time passwords (OTP) is used, the
OTP credentials cannot be reused for applications that also require OTP authentication, because
each code is valid only once. For this case, the solution supports several interworking options
with third-party products that, after the OTP VPN logon step, insert a cookie in the browser
containing an encrypted authentication token. Compatible applications inspect this cookie and
grant access without a further OTP prompt. This combines the strength of OTP/two-factor
authentication with web-based single sign-on. Supported third-party products include Computer
Associates SiteMinder and RSA ClearTrust.
You can also combine OTP/two-factor VPN logon with standard reusable username/password
credentials for intranet application single sign-on. In this case, use the Secondary Authentication
option so that the user provides both the OTP and the reusable credentials at VPN logon.
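The OTP-then-cookie flow described above, as an added example that is not the guide's, SiteMinder's or ClearTrust's code: the gateway validates a one-time password (HOTP per RFC 4226, using that RFC's published test seed) exactly once, then mints the browser cookie that compatible applications accept instead of asking for another OTP. Two assumptions are made for clarity: the token is HMAC-signed rather than encrypted, which is enough to show the verification step, and the gateway and the applications share one constructed key.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed values (assumptions): the HOTP seed from RFC 4226's test
# vectors, and a gateway/application shared key that is not a real secret.
HOTP_SEED = b"12345678901234567890"
TOKEN_KEY = b"gateway-to-app-shared-key"
TOKEN_LIFETIME = 8 * 3600   # seconds the SSO cookie stays valid


def hotp(seed, counter, digits=6):
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte counter, then dynamic
    truncation to a 31-bit integer, reduced to the requested digit count."""
    mac = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class VpnGateway:
    """Checks the OTP once, then issues the SSO cookie for compatible apps."""

    def __init__(self, seed=HOTP_SEED, key=TOKEN_KEY, window=5):
        self.seed, self.key, self.window = seed, key, window
        self.next_counter = {}   # per user: lowest counter still acceptable

    def logon(self, user, otp, now=None):
        start = self.next_counter.get(user, 0)
        for c in range(start, start + self.window):
            if hmac.compare_digest(hotp(self.seed, c), otp):
                # Move past the accepted counter so the same code is never
                # accepted again: this is what makes the password one-time.
                self.next_counter[user] = c + 1
                return self.issue_cookie(user, now)
        return None   # wrong or already-used OTP

    def issue_cookie(self, user, now=None):
        now = int(time.time()) if now is None else now
        payload = {"sub": user, "iat": now, "exp": now + TOKEN_LIFETIME}
        body = base64.urlsafe_b64encode(
            json.dumps(payload, separators=(",", ":")).encode()).decode().rstrip("=")
        tag = hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()
        return f"{body}.{tag}"   # value of the SSO cookie set in the browser


def app_verify_cookie(cookie, key=TOKEN_KEY, now=None):
    """What a compatible intranet application does on each request: verify
    the tag before trusting any field, then check expiry. Returns the user
    name, or None when the cookie is missing, tampered with or expired."""
    try:
        body, tag = cookie.split(".", 1)
    except ValueError:
        return None
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    padded = body + "=" * (-len(body) % 4)
    payload = json.loads(base64.urlsafe_b64decode(padded))
    now = int(time.time()) if now is None else now
    if payload["exp"] <= now:
        return None
    return payload["sub"]


if __name__ == "__main__":
    gw = VpnGateway()
    cookie = gw.logon("alice", hotp(HOTP_SEED, 0))
    print("cookie issued:", cookie is not None)
    print("app accepts cookie for:", app_verify_cookie(cookie))
    print("replayed OTP accepted:", gw.logon("alice", hotp(HOTP_SEED, 0)) is not None)
```

The replay check is the part that matters for the text's point: once the counter has advanced, presenting the same code again fails at the gateway, so the applications cannot rely on the OTP and must rely on the cookie instead.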
4.2.1.2 Authorization
The authorization process determines which specific resources can be accessed by an
authenticated user.
4.2.1.2.1 Group model
The group model is fundamental to authorizing user access to intranet resources. During the
authentication process, a user is associated with one or more groups. Each group is associated
with its own:
  • Portal links to applications and file-sharing directories
  • Access control lists, including destination subnet addresses, HTTP URL paths, and
    destination hostnames
  • TunnelGuard endpoint compliance policies
  • IP pool addresses for IPsec and NetDirect clients
  • Permitted access modes (IPsec, SSL)
  • Session and idle timeout values
If a user belongs to more than one group, the group settings are logically joined so that the user
sees all appropriate portal links and has access to all appropriate resources for the set of groups.
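The group join described above, as an added example that is not the guide's code: two groups with the list-valued settings the text names, the union that a member of both groups ends up with, and an access-control check over that union for a subnet address, a hostname and an HTTP URL path. Group names, field names and the destinations are this example's own. The page does not say how scalar settings such as timeouts or IP pools are reconciled across groups, so those are left out here.

```python
import ipaddress
import posixpath
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Group:
    """One gateway group with list-valued settings from the text. Field
    names are this example's own, not Avaya configuration keywords."""
    name: str
    portal_links: frozenset = frozenset()
    subnets: frozenset = frozenset()        # CIDR strings
    hostnames: frozenset = frozenset()
    url_prefixes: frozenset = frozenset()   # scheme://host/path-prefix
    access_modes: frozenset = frozenset()   # "SSL", "IPsec"


LIST_SETTINGS = ("portal_links", "subnets", "hostnames", "url_prefixes", "access_modes")


def effective_policy(groups):
    """Logical join for a multi-group user: the union of every list-valued
    setting, so the user sees every link and may reach every resource that
    any one of the groups grants."""
    return {key: frozenset().union(*(getattr(g, key) for g in groups))
            for key in LIST_SETTINGS}


def destination_allowed(policy, dest):
    """dest is an IP address, a hostname, or a full URL. URL paths are
    normalised first so '/eng/../hr' cannot slip under the '/eng/' prefix,
    and prefixes match on whole path segments, so '/eng/' does not cover
    '/engineering'."""
    if "://" in dest:
        u = urlsplit(dest)
        path = posixpath.normpath(u.path or "/")
        norm = f"{u.scheme.lower()}://{(u.hostname or '').lower()}{path}"
        for prefix in policy["url_prefixes"]:
            base = prefix.rstrip("/")
            if norm == base or norm.startswith(base + "/"):
                return True
        return False
    try:
        ip = ipaddress.ip_address(dest)
    except ValueError:
        wanted = dest.lower().rstrip(".")
        return wanted in {h.lower() for h in policy["hostnames"]}
    return any(ip in ipaddress.ip_network(net) for net in policy["subnets"])


if __name__ == "__main__":
    # Constructed groups for the demonstration.
    engineering = Group("engineering",
                        portal_links=frozenset({"Wiki"}),
                        subnets=frozenset({"10.10.0.0/16"}),
                        url_prefixes=frozenset({"https://wiki.corp.example/eng/"}),
                        access_modes=frozenset({"SSL"}))
    hr = Group("hr",
               portal_links=frozenset({"HR portal"}),
               hostnames=frozenset({"hr.corp.example"}),
               access_modes=frozenset({"SSL", "IPsec"}))
    both = effective_policy([engineering, hr])
    print("portal links:", sorted(both["portal_links"]))
    for dest in ("10.10.5.7", "hr.corp.example",
                 "https://wiki.corp.example/eng/design",
                 "https://wiki.corp.example/engineering",
                 "https://wiki.corp.example/eng/../hr/salaries"):
        print(f"{dest:48} allowed: {destination_allowed(both, dest)}")
```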