Chat now with support
Chat with Support

Cloud Access Manager 8.1.1 - Configuration Guide

Configuring a front-end authentication method Adding a web application Configuring step-up authentication Managing your SSL certificate Changing the Cloud Access Manager service account password Reporting Customizing Dell™ One Identity Cloud Access Manager

Configuring for external users

Two factor authentication may also be applied only for external users. In this context, external users are defined as users whose IP addresses do not fall in the following ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Two factor authentication for external users may be configured either to apply to all applications, or it can be configured on a per application basis.
To configure two factor authentication for external users for all applications
1
Navigate to the Front-end Authentication page and click on the name of the authenticator that you want to configure.
2
Click the Two Factor Authentication tab.
3
Select Use two factor authentication for all applications for external users only.
4
Configure the RADIUS Connection Settings if not already configured, please refer to Configuring a front-end authentication method for further information.
To configure two factor authentication for external users for specific applications
1
To configure the front-end authenticator follow the steps in To configure the front-end authenticator for step-up authentication.
2
To configure the application follow the steps in To configure the application for step-up authentication.
3
Select the Only use two factor authentication for external users check box on the application's Two Factor Authentication tab.

Configuring Defender as a Service with Cloud Access Manager

Defender as a Service is a cloud based authentication service that allows users to self-register and access their one time passwords on both mobile and desktop devices.

Purchasing a subscription

If you do not currently have a Defender as a Service subscription please email sales@quest.com or telephone: 1-800-306-9329 for assistance.

Defender as a Service Dashboard

When your subscription is confirmed, you will receive an email containing your subscription details. This will include the:
Defender as a Service instance name
Subscription key
address and credentials required to access the Defender as a Service dashboard.
To access the Defender as a Service dashboard
1
Open an Internet browser and navigate to the address in your email.
2
You will be prompted for your email address and password, use the values in your confirmation email.
3
You will then be prompted for a token response.
* 
NOTE: To obtain this response you must install the Dell Defender Cloud App. Links to download the app are included in your confirmation email.
4
When downloaded and configured, the app will display a one-time password that you can enter into the browser.
5
When you are logged in, you are presented with a short video that explains the functionality of the dashboard.
To configure Cloud Access Manager to use Defender as a Service
Defender as a Service can be used as a two-factor authentication provider from within Cloud Access Manager. For instructions on how to configure two-factor authentication, please refer to Configuring front-end authenticators.
To configure Cloud Access Manager to manage access to the Defender as a Service dashboard
You can configure Defender as a Service to use Cloud Access Manager for federated authentication. To achieve this you need to:
Create a Defender as a Service application in Cloud Access Manager
Configure Defender as a Service with the Cloud Access Manager login URL and signing certificate.
When this is complete, users with the appropriate permissions will see a Defender as a Service icon in the Cloud Access Manager portal and can single-sign on (SSO) to the Defender as a Service Dashboard.
To configure the Defender as a Service application in Cloud Access Manager
1
Navigate to the Applications page and click Add Application.
2
From the list of application templates, select Dell Defender as a Service.
3
You will be prompted to enter the Tenant Id for your subscription. You can find the Tenant Id in the Website Authentication settings of the Defender as a Service portal when federated authentication is set to SAML. It is also the last section of the dashboard address as shown in your subscription confirmation email. Click Save & Next.
4
Click Next to move through the remaining pages of the wizard to complete the application configuration using the default settings. You should review the settings as you proceed to ensure they are correct for your environment. In particular, you should consider limiting access to the Defender as a Service application by selecting a particular role on the Permissions page.
5
When you reach the Application Portal page, click Finish. You are presented with the federation settings. Make a note of the IDP Login URL and download the Certificate, as these will be required when you configure the Defender as a Service Dashboard.
To configure the Defender as a Service Dashboard to use Cloud Access Manager for federated authentication
1
Logon to the Defender as a Service Dashboard and navigate to Settings | Website Authentication.
2
Select SAML from the Federated authentication list.
3
Enter the IDP Login URL from the Cloud Access Manager federation settings page.
4
Select the certificate previously downloaded from Cloud Access Manager.
5
Click Save.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating