Managing security tokens
You can use the Defender Management Portal to manage security tokens in your Defender environment. You can search for a particular security token, and then do the following:
- View the token details
- Assign the token to users
- Remove the token from users
- Test or reset the token to ensure it works properly
- Configure a PIN for the token
- Configure a temporary response for the token
To manage security tokens, the account with which you sign in to the Defender Management Portal must have the administrator role assigned. For more information, see Portal roles.
To manage a security token
- Sign in to the Defender Management Portal.
For more information, see Opening the portal.
- Click the Administer Defender option.
- In the left pane, click the Management tab.
- In the right pane, click the Tokens tab.
- Search for and select the token you want to manage:
- In the Search by token serial number text box, type the complete token serial number or its part.
- Click the Search button and wait for your search to complete.
- If prompted, select the token from the search results.
- Use the following areas to manage the token:
- Users who have token <token number> assigned Use this area to assign or remove the token from its users, view the users to whom the token is assigned, test the token, reset the token to resolve authentication issues, configure a token PIN, or create a temporary response for the token user. For more information about the elements in this area, see the table below this procedure.
- Token details Use this area to view information about the token. This area shows the token type, encryption used by the token, token response length, and token activation key.
Table 18:
Users who have token <token number> assigned area
Assign |
Allows you to assign the token to a user. When you click this button, a new page opens where you can select the user. |
Unassign |
Removes the token from the users selected in the list. Note that this does not delete the token object from Active Directory. |
Manage |
Click this link to manage the token for the corresponding user. Depending on the token type, the page that opens may provide some or all of the following tabs:
- Test Allows you to run a test operation that checks if the token generates a valid response.
- PIN Allows you to assign a new PIN to the token. This is required if the authentication issue is related to an incorrect or forgotten PIN. On the page that opens, type a new PIN in the New PIN and Confirm PIN text boxes.
If you want the user to change the PIN after the user logs on for the first time, select the User must change PIN at next authentication check box.
If you want the user to change the PIN after the user logs on for the first time, select the User must change PIN at next authentication check box.
When you are finished, click Set PIN to save the changes.
To remove the PIN from the token, click Remove PIN.
- Reset Causes the token to resynchronize with the Defender Security Server. This is required if the authentication issue is related to a time drift on the token or, for event-based tokens, a number of token responses being used without user authentication taking place.
- Temporary Response Allows you to create a temporary response for the token user. You may need to create a temporary response if the token does not function properly or if the user has lost the token but still needs access to the protected resources.
Use the Expire temporary response in list to select a validity period for the temporary response.
You can select the Response can be used multiple times check box, so that the user could use the temporary response multiple times during the specified validity period.
Click Assign to create and assign a temporary response using the specified parameters.
To remove the temporary response, click Remove. |
Viewing authentication statistics
The Defender Management Portal provides a Dashboard that shows authentication statistics in graphical format. The Dashboard provides information about the number of successful and failed authentication attempts the users have performed, shows warning messages generated by the Defender Security Servers deployed in your environment, and displays the status of the Log Receiver Service.
To view authentication statistics on the Dashboard, the account with which you sign in to the Defender Management Portal must have an appropriate portal role assigned. For more information, see Portal roles.
To view authentication statistics on the Dashboard
- Sign in to the Defender Management Portal.
For more information, see Opening the portal.
- Click the Administer Defender option.
- In the left pane, click the Dashboard tab.
The Dashboard tab has the following elements:
- Log Receiver Service Shows the current status of the Defender Log Receiver Service. If the Defender Log Receiver Service is not running, the data on the Dashboard is not updated. If your portal role permits, you can also stop, restart, or configure the service.
- Warnings from Defender Security Servers Displays the most recent warning messages related to the Defender Security Servers in your environment. To view a complete list of warning messages, click More.
- Authentication requests by DSS, last hour Displays the number of authentication requests received during the last hour for each Defender Security Server running in your Defender environment. Move the cursor over each section of the pie chart to view the total number of authentication requests per Defender Security Server during the last hour and the percentage total.
- Authentications per hour, last 24 hours Displays the total number of successful and failed authentication requests received by all Defender Security Servers, per hour, in the last 24 hours.
Viewing Defender Security Server warnings and logs
You can use the Defender Management Portal to view warnings and logs generated by specific Defender Security Server deployed in your environment.
To view Defender Security Server warnings and logs, the account with which you sign in to the Defender Management Portal must have an appropriate portal role assigned. For more information, see Portal roles.
To view Defender Security Server warnings and logs
- Sign in to the Defender Management Portal.
For more information, see Opening the portal.
- Click the Administer Defender option.
- In the left pane, click the Activity tab
- In the right pane, use the following tabs:
- DSS Warnings Displays warning messages generated by the selected Defender Security Server. From the Select Defender Security Server list, select the server whose warnings you want to view.
- DSS Logs Displays the Defender Security Server logs in near real-time. From the Select Defender Security Server list, select the server whose logs you want to view.
Viewing token requests from users
You can view a list of token requests submitted by users through the Defender Self-Service Portal. This list provides such information as the name of user who requested a token, requested token type, and whether the token has been issued to the user.
To view token requests, the account with which you sign in to the Defender Management Portal must have an appropriate portal role assigned. For more information, see Portal roles.
To view token requests
- Sign in to the Defender Management Portal.
For more information, see Opening the portal.
- Click the Administer Defender option.
- In the left pane, click the Activity tab.
- In the right pane, click the Token Requests tab to open a list of token requests.
The list has the following columns:
- User Shows the name of the user who requested a token through the Defender Self-Service Portal.
- Token Shows the type of requested token.
- Request Type Shows the method that was used to deliver the token. Possible methods include immediate token delivery with no user verification, verification via an automated phone call or SMS, verification via e-mail.
- Request Date Shows the date and time when the request was made or completed.
- Request Completed Shows whether the token request was completed.