
Defender 6.5 - Administration Guide


Defender EAP Agent

A VPN is an extension of a private network that encompasses links across shared or public networks like the Internet. VPN connections leverage the IP connectivity of the Internet using a combination of tunneling and encryption to securely connect two remote points, such as a remote worker and their office base.

Extensible Authentication Protocol (EAP) is a general protocol for authentication that also supports multiple authentication methods, such as Kerberos, token cards, one-time passwords, certificates, public key authentication, and smart cards.

Defender utilizes the EAP protocol to integrate its two-factor authentication into the existing user authentication process. The Defender EAP Agent supports Microsoft Remote Access clients and servers for both dial-up and VPN (PPTP and L2TP/IPSec) (implemented as an extension to PPP).

The Defender EAP Agent must be installed on the VPN server and VPN client computer.

Deploying Defender EAP Agent

To use two-factor authentication over the EAP protocol, you need to install the Defender EAP Agent on the Network Policy Server and on the VPN client computer. Then, you need to configure the Network Policy Server and the VPN client computer to work with the Defender EAP Agent.

To deploy the Defender EAP Agent, complete the following steps:

Step 1: Install Defender EAP Agent

You must install the Defender EAP Agent on the Network Policy Server, and on the VPN client computer.

To install Defender EAP Agent

  1. Run the DefenderEAPAgent.exe file supplied with the Defender distribution package.
  2. Complete the wizard that starts.
    IMPORTANT:
    • When installing Defender EAP Agent on the Network Policy Server, on the Installation Complete step of the wizard, clear the Create a VPN connection with Defender now check box, and then click Finish.
    • When installing Defender EAP Agent on the VPN client computer, on the Installation Complete step of the wizard, select the Create a VPN connection with Defender now check box, click Finish, and follow the wizard that starts to create a new VPN connection.
  3. After completing the wizard, restart the computer on which you have just installed Defender EAP Agent.

Step 2: Configure Network Policy Server

To configure the Network Policy Server

  1. On the Network Policy Server, start the Network Policy Server tool (nps.msc).
  2. In the left pane, expand the Policies node, and then select Network Policies.
  3. In the right pane, right-click the network policy you want to use for Defender, and then on the shortcut menu click Properties.
  4. In the dialog box that opens, click the Constraints tab.
  5. Below the EAP types list, click the Add button.
  6. In the dialog box that opens, select Defender 5 from the list, and then click OK.
  7. In the EAP types list, select the Defender 5 entry you have just added, and then click the Edit button below the list. A dialog box opens.
  8. Use the following elements:
    • Address: Type the IP address of the Defender Security Server you want to use for user authentication.
    • Port: Type the port used by the Access Node to which the specified Defender Security Server belongs.
    • Shared Secret: Type the shared secret that corresponds to the Access Node.
  9. Click OK.