Chat now with support
Chat with Support

Defender 5.11 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Step 2: Configure Network Policy Server

To configure the Network Policy Server

  1. On the Network Policy Server, start the Network Policy Server tool (nps.msc).
  2. In the left pane, expand the Policies node to select Network Policies.
  3. In the right pane, right-click the network policy you want to use for Defender, and then on the shortcut menu click Properties.
  4. In the dialog box that opens, click the Constraints tab.



  1. Below the EAP types list, click the Add button.
  2. In the dialog box that opens, select Defender 5 from the list, and then click OK.
  3. In the EAP types list, select the Defender 5 entry you have just added, and then click the Edit button below the list. The following dialog box opens:



  1. Use the following elements:
    • Address  Type the IP address of the Defender Security Server you want to use for user authentication
    • Port  Type the port used by the Access Node to which the specified Defender Security Server belongs.
    • Shared Secret  Type the shared secret that corresponds to the Access Node.
  2. Click OK.

Step 3: Configure VPN connection on the client computer

In this step, you need to configure the authentication settings of the VPN connection you created on the VPN client computer.

To configure VPN connection

  1. Open the properties of the VPN connection you created on the VPN client computer in Step 1: Install Defender EAP Agent.
  2. In the Properties dialog box, click the Security tab.
  3. Make sure that in the Authentication area you select the Use Extensible Authentication Protocol (EAP) option, and then select Defender 5 (encryption enabled) from the list below the option:



  1. Click OK to close the dialog box.

    Now when you connect through the configured VPN connection on the client computer, a Defender dialog box opens prompting you to type the response provided by your token.

Authenticating via EAP Agent

When you attempt to access information via your VPN, the Defender authentication dialog box is displayed:



In the Response field, type the response displayed on your token. Select OK. If authentication is successful, you are allowed to access the network.

Securing Web sites

You can use Defender to secure access to websites hosted on Microsoft Web Server (IIS). For that you need to use the Defender component called the ISAPI Agent.



The ISAPI Agent acts as an ISAPI filter and requires users to authenticate via Defender in order to get access to the websites hosted on IIS.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating