CommandCenter Secure Gateway - Admin Guide - Version ... - Raritan

More documents

Recommendations

Info

Chapter 12: Remote Authentication For example, if you specify cn=Groups,dc=raritan,dc=com as the Base DN and (objectclass=group) as the Filter, then all entries that are in the Groups entry and are of type group will be returned. 4. Click Next to proceed. The Trusts tab opens. AD Trust Settings In the Trusts tab, you can set up trust relationships between this new AD domain and any existing domains. A trust relationship allows resources to be accessible by authenticated users across domains. Trust relationships can be incoming, outgoing, bidirectional, or disabled. You should set up trust relationships if you want AD modules that represent different forests in AD to be able to access information from each other. The trusts you configure in CC-SG should match the trusts configured in AD. 1. Click the Trusts tab. If you have configured more than one AD domain, all other domains are listed in the Trusts tab. 2. For each domain in the Trust Partner column, click the Trust Direction drop-down menu, and then select the direction of trust you want to establish between the domains. Trust directions are updated in all AD modules when you make changes to one AD module. • Incoming: information will be trusted coming in from the domain. • Outgoing: information will be trusted going to the selected domain. • Bidirectional: information will be trusted in both directions from each domain. • Disabled: information will not be exchanged between the domains. 3. Click Apply to save your changes, and then click OK to save the AD module and exit the window. The new AD module appears in the Security Manager screen under External AA Servers. 4. Select the Authentication checkbox if you want CC-SG to use the AD module for authentication of users. Select the Authorization checkbox if you want CC-SG to use the AD module for authorization of users. 5. Click Update to save your changes. Editing an AD Module Once you have configured AD modules, you can edit them at any time. To edit an AD module: 1. Choose Administration > Security. 2. Click the Authentication tab. All configured external Authorization and Authentication Servers appear in a table. 140
Chapter 12: Remote Authentication 3. Select the AD module you want edit, and then click Edit. 4. Click each tab in the Edit Module window to view the configured settings. Make changes as needed. See AD General Settings (on page 137), AD Advanced Settings (on page 138), AD Group Settings (on page 139), and AD Trust Settings (on page 140). 5. If you change the connection information, click Test Connection to test the connection to the AD server using the given parameters. You should receive a confirmation of a successful connection. If you do not see a confirmation, review the settings carefully for errors and try again. 6. Click OK to save your changes. 7. You must synchronize the AD user groups you changed, or you can synchronize all AD modules to synchronize all groups and users in all modules. See Synchronize All User Groups with AD (on page 143) and Synchronize All AD Modules (on page 144). Importing AD User Groups You must specify Group settings in the AD module before you can import groups from the AD server. See AD Group Settings (on page 139). After making a change to imported groups or users, you must synchronize the AD user groups you changed so that the imported groups are mapped to the appropriate groups on AD and synchronize all AD modules to synchronize all groups and users in all modules. See Synchronize All User Groups with AD (on page 143) and Synchronize All AD Modules (on page 144). You can import nested groups from AD. Note: Make sure that you have configured the CC-SG DNS and Domain Suffix in Configuration Manager before attempting to import AD user groups. See Advanced Administration (on page 177). To import AD user groups: 1. Choose Administration > Security. 2. Click the Authentication tab. All configured Authorization and Authentication Servers appear in a table. 3. Select the AD server whose AD user groups you want to import. 4. Click Import AD User Groups to retrieve a list of user group values stored on the AD server. If any of the user groups are not already on the CC-SG, you can import them here and assign them an access policy. 5. Select the groups you want to import to CC-SG. • Imported user group names can include up to 64 characters. 141
Page 1 and 2:
CommandCenter Secure Gateway Admini
Page 3 and 4:
Contents What's New in the CC-SG Ad
Page 5 and 6:
Contents Edit a Blade Chassis Devic
Page 7 and 8:
Contents Edit a Node Group.........
Page 9 and 10:
Contents Hide or Show Report Filter
Page 11 and 12:
Contents Access Control List.......
Page 13 and 14:
Contents Appendix C User Group Priv
Page 15 and 16:
What's New in the CC-SG Administrat
Page 17 and 18:
How-To: CC-SG Essentials This secti
Page 19 and 20:
How-To: CC-SG Essentials 6. Click O
Page 21 and 22:
How-To: CC-SG Essentials Power Stat
Page 23:
How-To: CC-SG Essentials b. Click A
Page 26 and 27:
Chapter 1: Introduction Terminology
Page 28 and 29:
Chapter 1: Introduction Ports - con
Page 30 and 31:
Chapter 2: Accessing CC-SG JRE Inco
Page 32 and 33:
Chapter 2: Accessing CC-SG CC-SG Ad
Page 34 and 35:
Chapter 3 Getting Started Upon the
Page 36 and 37:
Chapter 3: Getting Started 2. Selec
Page 38 and 39:
Chapter 4: Configuring CC-SG with G
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Chapter 5: Associations, Categories
Page 48 and 49:
Chapter 5: Associations, Categories
Page 50 and 51:
Chapter 6 Devices, Device Groups, a
Page 52 and 53:
Chapter 6: Devices, Device Groups,
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Chapter 7: Managed Powerstrips Conf
Page 90 and 91:
Chapter 7: Managed Powerstrips Dele
Page 92 and 93:
Chapter 7: Managed Powerstrips Conf
Page 94 and 95:
Chapter 7: Managed Powerstrips 2. S
Page 96 and 97:
Chapter 8: Nodes, Node Groups, and
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115: Chapter 8: Nodes, Node Groups, and
Page 134 and 135: Chapter 9: Users and User Groups Th
Page 136 and 137: Chapter 9: Users and User Groups Ad
Page 138 and 139: Chapter 9: Users and User Groups De
Page 140 and 141: Chapter 9: Users and User Groups
Page 142 and 143: Chapter 9: Users and User Groups De
Page 144 and 145: Chapter 9: Users and User Groups 2.
Page 146 and 147: Chapter 10: Policies for Access Con
Page 148 and 149: Chapter 10: Policies for Access Con
Page 150 and 151: Chapter 11 Custom Views for Devices
Page 152 and 153: Chapter 11: Custom Views for Device
Page 158 and 159: Chapter 12: Remote Authentication 3
Page 166 and 167: Chapter 12: Remote Authentication
Page 168 and 169: Chapter 12: Remote Authentication S
Page 170 and 171: Chapter 12: Remote Authentication L
Page 172 and 173: Chapter 12: Remote Authentication O
Page 176 and 177: Chapter 13: Reports View Report Det
Page 178 and 179: Chapter 13: Reports 2. Set the date
Page 180 and 181: Chapter 13: Reports Availability Re
Page 182 and 183: Chapter 13: Reports Device Asset Re
Page 184 and 185: Chapter 13: Reports Node Asset Repo
Page 186 and 187: Chapter 13: Reports 3. In the AD Us
Page 188 and 189: Chapter 14 System Maintenance In Th
Page 190 and 191: Chapter 14: System Maintenance •
Page 192 and 193: Chapter 14: System Maintenance a. C
Page 194 and 195: Chapter 14: System Maintenance Opti
Page 196 and 197: Chapter 14: System Maintenance Upgr
Page 198 and 199: Chapter 14: System Maintenance In F
Page 200 and 201: Chapter 14: System Maintenance 2. C
Page 202 and 203: Chapter 15: Advanced Administration
Page 214 and 215:
Chapter 15: Advanced Administration
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 232 and 233:
Page 234 and 235:
Page 236 and 237:
Page 238 and 239:
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
Page 250 and 251:
Page 252 and 253:
Page 254 and 255:
Page 256 and 257:
Page 258 and 259:
Chapter 16 Diagnostic Console The D
Page 260 and 261:
Chapter 16: Diagnostic Console 2: A
Page 262 and 263:
Chapter 16: Diagnostic Console Info
Page 264 and 265:
Chapter 16: Diagnostic Console Stat
Page 266 and 267:
Chapter 16: Diagnostic Console The
Page 268 and 269:
Chapter 16: Diagnostic Console Edit
Page 270 and 271:
Chapter 16: Diagnostic Console 3. T
Page 272 and 273:
Chapter 16: Diagnostic Console Use
Page 274 and 275:
Chapter 16: Diagnostic Console Alth
Page 276 and 277:
Chapter 16: Diagnostic Console 3. C
Page 278 and 279:
Chapter 16: Diagnostic Console Note
Page 280 and 281:
Chapter 16: Diagnostic Console 2. E
Page 282 and 283:
Chapter 16: Diagnostic Console 2. E
Page 284 and 285:
Chapter 16: Diagnostic Console Opti
Page 286 and 287:
Chapter 16: Diagnostic Console Pass
Page 288 and 289:
Chapter 16: Diagnostic Console Conf
Page 290 and 291:
Chapter 16: Diagnostic Console Disp
Page 292 and 293:
Chapter 16: Diagnostic Console d. A
Page 294 and 295:
Chapter 16: Diagnostic Console 2. C
Page 296 and 297:
Chapter 16: Diagnostic Console 4. S
Page 298 and 299:
Chapter 16: Diagnostic Console Take
Page 300 and 301:
Appendix A Specifications for V1 an
Page 302 and 303:
Appendix A: Specifications for V1 a
Page 304 and 305:
Appendix B: CC-SG and Network Confi
Page 306 and 307:
Page 308 and 309:
Page 310 and 311:
Page 312 and 313:
Appendix C: User Group Privileges M
Page 314 and 315:
Page 316 and 317:
Page 318 and 319:
Page 320 and 321:
Appendix D SNMP Traps CC-SG provide
Page 322 and 323:
Appendix E Troubleshooting Launchin
Page 324 and 325:
Appendix F: Diagnostic Utilities
Page 326 and 327:
Appendix F: Diagnostic Utilities Fi
Page 328 and 329:
Appendix G Two-Factor Authenticatio
Page 330 and 331:
Appendix H: FAQs Question Is the st
Page 332 and 333:
Appendix H: FAQs Authentication FAQ
Page 334 and 335:
Appendix H: FAQs Question Can audit
Page 336 and 337:
Appendix H: FAQs Question To what l
Page 338 and 339:
Appendix J Naming Conventions This
Page 340 and 341:
Appendix J: Naming Conventions Fiel
Page 343 and 344:
Index A About Administrator Console
Page 345 and 346:
Index Command Tips • 227, 229 Com
Page 347 and 348:
Index How to Create Associations
Page 349 and 350:
Index SSH Commands and Parameters
Page 352:
U.S./Canada/Latin America Monday -
show all

CommandCenter Secure Gateway - Admin Guide - Version ... - Raritan

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?