Chat now with support
Chat with Support

We are currently experiencing a OneLogin Outage within the US region, please consult https://www.onelogin.com/status for further details.

Defender 6.5 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Configuring ISAPI Agent

To configure ISAPI Agent

  1. On the computer where the ISAPI Agent is installed, run the Defender ISAPI Agent Configuration tool.
  2. In the dialog box that opens, specify the ISAPI Agent settings, and then click OK.

The dialog box looks similar to the following:

 

 

 

 

DSS Parameters tab

On this tab, specify the Defender Security Servers to which you want the ISAPI Agent to connect. You can use the following elements:

  • Defender Security Servers  Use this area to set up a list of the Defender Security Servers to which you want the ISAPI Agent to connect.
    • Add  Adds a new entry to the list. After adding a new entry, edit its properties in the Edit DSS Entry area.
    • Remove  Removes the selected entry from the list.
  • Edit DSS Entry  Use this area to specify or edit the name, address, port number, and shared secret of the Defender Security Server to which you want the ISAPI Agent to connect.
    • Name  Type the name of the Defender Security Server you want to use for user authentication.
    • Address  Type the IP address of the Defender Security Server.
    • Port  Type the communication port number configured on the access node you want the ISAPI Agent to use.
    • Shared Secret  Type the shared secret configured on the access node you want the ISAPI Agent to use.

Protected Sites tab

On this tab, select the check boxes next to the websites you want to protect with Defender. By default, Defender protects the whole website. If you want to protect only some parts of the website, use the default.acl file located in the ISAPI Agent installation folder. This file contains two sections where you can list parts that should and should not be protected. When specifying the website’s parts, use relative URLs.

Accessing Protected Website

To access protected website

  1. Using any supported browser, access the protected website. On the Login page, enter your user name and click Sign in.

     

     

  1. In the example below, users are required to authenticate themselves by entering their passcode. The authentication type depends on how the Defender policy has been configured. For example, if Defender is configured to use a token policy, the Enter Synchronous Response prompt will be displayed.

 

 

  1. If users have entered a valid response, they will be authenticated and permitted to access the website.

Securing Windows-based computers

You can configure Defender to authenticate users when they sign in to their Windows-based computers in your organization.

 

 

To secure Windows-based computers, in addition to the required Defender components you need to install and configure the component called the Defender Desktop Login on each computer you want to secure with Defender. For more information about installing and configuring the required Defender components, see Deploying Defender.

Installing Defender Desktop Login by using a wizard

You can use a wizard to install Defender Desktop Login on a local computer.

To install Defender Desktop Login

  1. Run the DefenderDesktopLogin.exe file supplied in the Defender distribution package.
  2. Complete the wizard to install Defender Desktop Login.
    IMPORTANT: You must configure Defender Desktop Login before restarting the computer. Otherwise, you may not be able to log on after the computer has been restarted.
    For instructions, see Configuring Defender Desktop Login by using a configuration tool and Configuring Defender Desktop Login by using Group Policy.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating