立即与支持人员聊天
与支持团队交流

Defender 6.4 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Step 2: Configure an IPsec connection profile

To configure an IPsec profile

  1. In the Cisco ADSM console, do the following:
    1. On the toolbar, click Configuration.
    2. In the left pane, click Remote Access VPN.
    3. In the left pane, expand the Network (Client) Access node to select the IPsec Connection Profiles node.
  2. In the right pane, under Connection Profiles, select an existing profile or add a new profile.
  3. Modify the selected or created profile (click the Edit button): In the User Authentication area, from the Server Group drop-down list, select the AAA server group you created in Step 1: Create an AAA server group, add Defender Security Server.

Configuring Defender

To configure Defender, you need to complete these steps:

Step 1: Configure an Access Node

To configure an Access Node

  1. On the computer where the Defender Administration Console is installed, open the Active Directory Users and Computers tool (dsa.msc).
  2. In the left pane, expand the appropriate domain node, and then expand the Defender node
  3. In the left pane, right-click Access Nodes, from the shortcut menu, select New | Defender Access Node.
    1. Complete the wizard to configure the Defender Access Node.
      • On the Enter a name and description for this Access Node page, type a descriptive name and description for the Access Node.
      • On the Select the node type and user ID type for this Access Node page, use the following options:

      Node Type  From this list, select Radius Agent. This enables the RADIUS protocol for communications between Cisco ACS devices and Defender. Note that the RADIUS protocol is transmitted over UDP and uses port 1645 or 1812.

      User ID  From this list, select the user ID type you want to use.

      • On the Enter the connection details for this Access Node page, use the following options:

      IP Address or DNS Name  Specify the Cisco AAA Server by entering its IP address or DNS name.

      Port  Type the port number through which you want this Access Node to connect to the Defender Security Server. You must specify the same port as the one you entered in the Server Authentication Port text box in Step 1: Create an AAA server group, add Defender Security Server.

      Subnet Mask  Keep the default subnet mask.

      Shared Secret  Type the same shared secret you entered in the Server Secret Key text box in Step 1: Create an AAA server group, add Defender Security Server.

Step 2: Specify users or groups for the Access Node

In this step, you specify the users or groups who will use the configured Access Node to authenticate via Defender.

To specify users or groups for the Access Node

  1. On the computer where the Defender Administration Console is installed, open the Active Directory Users and Computers tool (dsa.msc).
  2. Open the properties of the Access Node you have configured:
    1. In the left pane, expand the domain node, expand the Defender node, and then click to select Access Nodes.
    2. In the right pane, double-click the Access Node.
  3. In the dialog box that opens, use the Members tab to add the users or groups to the Members list.
  4. When you are finished, click OK.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级