Chat now with support
Chat with Support

Defender 5.8 - Administrator Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Securing PAM-enabled services Defender Management Portal (Web interface) Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Integration with Cloud Access Manager Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Managing users

2
Click the Administer Defender option.
a
In the Search by user name text box, type the complete user name or its part.
b
Click the Search button and wait for your search to complete.
Tokens assigned to <user name>  Provides a list of security tokens assigned to the user. You can use this area to view information about the assigned tokens, program new software tokens, assign existing token objects to the user, remove tokens from the user, and set a Defender password for the user. For more information about elements you can use in this area, see the table below this procedure.
Authentication details  Use this area to view information about the user account, such as the time of last authentication, violation count, and violation reset count. If necessary, you can reset the violation count for the user. You can also enable, view, and change user’s Defender ID. The user can authenticate to Defender by using the enabled Defender ID.
Test  Allows you to run a test operation that checks if the token generates a valid response.
PIN  Allows you to assign a new PIN to the token. This is required if the authentication issue is related to an incorrect or forgotten PIN. On the page that opens, type the new PIN in the New PIN and Confirm PIN text boxes.
When you are finished, click Set PIN to save the changes.
Reset  Causes the token to resynchronize with the Defender Security Server. This is required if the authentication issue is related to a time drift on the token or, for event-based tokens, a number of token responses being used without user authentication taking place.
Temporary Response  Allows you to assign a temporary response to the token. You may need to assign a temporary response if the token does not function properly or if the user has lost the token but still needs access to the protected resources.
Use the Expire temporary response in list to select a validity period for the temporary response.
You can select the Response can be used multiple times check box, so that the user could use the temporary response multiple times.
Click Assign to assign a temporary response using the specified parameters.
Click the token name in the Token column to view token details. The page that opens provides such information as token type, encryption used by the token, response length and response type, token activation key, and current status of the token.

Managing security tokens

2
Click the Administer Defender option.
a
In the Search by token serial number text box, type the complete token serial number or its part.
b
Click the Search button and wait for your search to complete.
Users who have token <token number> assigned  Use this area to assign or remove the token from its users, view the users to whom the token is assigned, test the token, reset the token to resolve authentication issues, configure a token PIN, or create a temporary response for the token user. For more information about the elements in this area, see the table below this procedure.
Token details  Use this area to view information about the token. This area shows the token type, encryption used by the token, token response length, and token activation key.
Test  Allows you to run a test operation that checks if the token generates a valid response.
PIN  Allows you to assign a new PIN to the token. This is required if the authentication issue is related to an incorrect or forgotten PIN. On the page that opens, type a new PIN in the New PIN and Confirm PIN text boxes.
When you are finished, click Set PIN to save the changes.
Reset  Causes the token to resynchronize with the Defender Security Server. This is required if the authentication issue is related to a time drift on the token or, for event-based tokens, a number of token responses being used without user authentication taking place.
Temporary Response  Allows you to create a temporary response for the token user. You may need to create a temporary response if the token does not function properly or if the user has lost the token but still needs access to the protected resources.
Use the Expire temporary response in list to select a validity period for the temporary response.
You can select the Response can be used multiple times check box, so that the user could use the temporary response multiple times during the specified validity period.
Click Assign to create and assign a temporary response using the specified parameters.

Viewing authentication statistics

2
Click the Administer Defender option.
The Dashboard tab has the following elements:
Log Receiver Service  Shows the current status of the Defender Log Receiver Service. If the Defender Log Receiver Service is not running, the data on the Dashboard is not updated. If your portal role permits, you can also stop, restart, or configure the service.
Warnings from Defender Security Servers  Displays the most recent warning messages related to the Defender Security Servers in your environment. To view a complete list of warning messages, click More.
Authentication requests by DSS, last hour  Displays the number of authentication requests received during the last hour for each Defender Security Server running in your Defender environment. Move the cursor over each section of the pie chart to view the total number of authentication requests per Defender Security Server during the last hour and the percentage total.
Authentications per hour, last 24 hours  Displays the total number of successful and failed authentication requests received by all Defender Security Servers, per hour, in the last 24 hours.

Viewing Defender Security Server warnings and logs

2
Click the Administer Defender option.
DSS Warnings  Displays warning messages generated by the selected Defender Security Server. From the Select Defender Security Server list, select the server whose warnings you want to view.
DSS Logs  Displays the Defender Security Server logs in near real-time. From the Select Defender Security Server list, select the server whose logs you want to view.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating