ebook img

IDENTIKEY Appliance Administration Reference PDF

221 Pages·2016·1.62 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview IDENTIKEY Appliance Administration Reference

® IDENTIKEY Appliance Administrator Reference 3.17 DisclaimerofWarrantiesandLimitationsofLiabilities LegalNotices Copyright©2008–2019OneSpanNorthAmerica,Inc.Allrightsreserved. Trademarks OneSpan™,DIGIPASS® andCRONTO® are registeredor unregisteredtrademarksofOneSpanNorthAmerica Inc., OneSpanNVand/orOneSpanInternationalGmbH(collectively"OneSpan")intheU.S.andothercountries. OneSpanreservesallrightstothetrademarks,servicemarksandlogosofOneSpananditssubsidiaries. Allothertrademarksortradenamesarethepropertyoftheirrespectiveowners. IntellectualProperty OneSpanSoftware,documentsandrelatedmaterials(“Materials”)containproprietaryandconfidential information. All title, rights and interest in OneSpan Software and Materials, updates and upgrades thereof, including software rights,copyrights,patentrights,industrialdesignrights,tradesecretrights,suigenerisdatabaserights,andallother intellectualandindustrialpropertyrights,vestexclusivelyinOneSpanoritslicensors.NoOneSpanSoftwareorMater- ialsmaybe downloaded,copied,transferred,disclosed,reproduced,redistributed,or transmittedinanyform or by any means, electronic, mechanical or otherwise, for any commercial or production purpose, except as otherwise markedorwhenexpresslypermittedbyOneSpaninwriting. Disclaimer OneSpanacceptsnoliabilityfortheaccuracy,completeness,ortimelinessofcontent,orforthereliabilityoflinksto andcontentofexternalorthirdpartywebsites. OneSpanshallhavenoliabilityunderanycircumstancesforanyloss,damage,orexpenseincurredbyyou,yourcom- pany,oranythirdpartyarisingfromtheuseorinabilitytouseOneSpanSoftwareorMaterials,oranythirdpartymater- ial made available or downloadable. OneSpan will not be liable in relation to any loss/damage caused by modificationoftheseLegalNoticesorcontent. Reservation OneSpanreservestherighttomodifytheseNoticesandthecontentatanytime.OneSpanlikewisereservestheright towithdraw orrevokeconsentorotherwiseprohibituseoftheOneSpanSoftwareorMaterialsifsuchusedoesnot conform tothetermsofanywrittenagreementbetweenOneSpanandyou,orotherapplicabletermsthatOneSpan publishesfromtimetotime. Contactus Visitourwebsite:https://www.onespan.com Resourcecenter:https://www.onespan.com/resource-center Technicalsupportandknowledgebase:https://www.onespan.com/support Ifthereisnosolutionintheknowledgebase,contactthecompanythatsuppliedyouwiththeOneSpanproduct. Datelastmodified:2/22/2019 TableofContents Tableof Contents 1. Introduction 10 1.1.IDENTIKEYApplianceDocumentationSet 10 2. ConfigurationTool:FieldListings 11 2.1.System 11 2.2.Settings 13 2.3.IDENTIKEYAuthenticationServerSettings 22 3. SSLCipherSuites 50 3.1.DefaultSecurityLevelsforSSL CipherSuites 50 4. RADIUS DictionaryFormat 56 5. IDENTIKEYAuthenticationServerAdministrationWebInterfaceReference 58 5.1.UserProperties 58 5.2.UserAttributes 68 5.3.UserReports 69 5.4.AdministrativePrivileges 70 5.5.Find/ManageDIGIPASS 85 5.6.DIGIPASSProperties 86 5.7.DIGIPASSApplicationTab 91 5.8.AuditMessage 92 5.9.PolicyProperties 95 5.10.Pre-LoadedPolicies 118 5.11.ClientProperties 124 5.12.Back-EndServerProperties 127 5.13.OrganizationalUnitPropertySheet 133 5.14.ReportsProperties 133 5.15.Servers – GlobalConfiguration 134 IDENTIKEYAppliance3.17–AdministratorReference iii TableofContents 5.16.Servers–List 145 5.17.LDAP Back-EndAuthentication 145 6. Reporting 148 6.1.StandardReports 148 6.2.QueryDefinitions 149 6.3.QueryFilters 150 7. ImportingUserswithComma-SeparatedValueFiles 156 8. PerformanceMonitoring 158 8.1.CSVFileFormat 158 8.2.Filters 159 9. SystemMonitoring 165 9.1.SNMP TrapParameters 165 9.2.MIB 167 10. LoginPermutations 169 10.1.LoginPolicySettings 170 10.2.LoginPermutationsTables 170 11. OpenPortNumbersonFirewall 175 11.1.IncomingPorts 175 11.2.OutgoingPorts 176 12. AuditMessageTypes 177 12.1.Messages 177 13. ErrorandStatusCodes 200 13.1.IDENTIKEYApplianceErrorCodes 200 13.2.DIGIPASSAuthenticationforWindowsLogonErrorMessages 209 13.3.VACMANControllerErrorCodes 210 13.4.ConsoleWizardErrorCodes 223 IDENTIKEYAppliance3.17–AdministratorReference iv TableofContents 13.5.StatusCodes 224 14. Tracing 236 14.1.TracingMessageTypes 236 14.2.TracingLevels 237 14.3.TracingMessages 238 15. SupportProcedure 239 IDENTIKEYAppliance3.17–AdministratorReference v TableofContents TableIndex Table1:BackupandRestoreFields 11 Table2:SystemFields 13 Table3:AuthenticationFields 14 Table4:NetworkFields 14 Table5:SNMPFields 16 Table6:LoggingFields 18 Table7:NotificationSettingsFields 18 Table8:NotificationFilterFields 19 Table9:NotificationTargetFields 19 Table10:ConfigtoolFields 21 Table11:CertificatesFields 21 Table12:IDENTIKEYAuthenticationServerGeneralSettingsFields 22 Table13:IDENTIKEYAuthenticationServerSEAL ConfigurationFields 25 Table14:IDENTIKEYAuthenticationServerSOAP ConfigurationFields 26 Table15:IDENTIKEYAuthenticationServerRADIUS ConfigurationFields 27 Table16:IDENTIKEYAuthenticationServer Back-EndSettingsFields 27 Table17:IDENTIKEYAuthenticationServerDiscoveryFields 28 Table18:IDENTIKEYAuthenticationServerAuditFields 29 Table19:IDENTIKEYAuthenticationServerTracingFields 31 Table20:IDENTIKEYAuthenticationServerPerformanceMonitoringFields 31 Table21:SystemMonitoringSettingsFields 32 Table22:SystemMonitoringTargetFields 32 Table23:SystemMonitoringFilterFields 34 Table24:MessageDeliveryComponentFields 34 Table25:SMS ServerFields 35 Table26:SMPP ServerFields 38 Table27:SMTP ServerFields 41 Table28:VoiceServerFields 42 IDENTIKEYAppliance3.17–AdministratorReference vi TableofContents Table29:IDENTIKEYAuthenticationServerLDAP UserSynchronization: GeneralFields 46 Table30:IDENTIKEYAuthenticationServerLDAP UserSynchronization: AttributeFilterFields 48 Table31:IDENTIKEYAuthenticationServerLDAP UserSynchronization: AttributeMappingFields 48 Table32:CryptographicProtocolsSupportedinDifferentCipherSuiteSecurityLevels 50 Table33:DefaultSSL CipherSuiteSecurityLevelsforCommunicationInterfaces 50 Table34:CipherSuitesintheWebAdministrationService 54 Table35:User-Dashboard 58 Table36:User-UserAccount 60 Table37:User-PolicyOverrides 63 Table38:User-OfflineAuthentication 67 Table39:User-RecentActivity 67 Table40:User-FurtherUserFields 68 Table41:UserAttributeFields 68 Table42:DefaultReports 69 Table43:AdministrativePrivileges–ODBCDataStore 71 Table44:Find/ManageDIGIPASSCriteria 85 Table45:DIGIPASS–DIGIPASS 86 Table46:DIGIPASS–LicenseInformation 89 Table47:DIGIPASS–ActivationInformation(StandardActivationandLicensing) 89 Table48:DIGIPASS–ActivationInformation(Multi-DeviceActivationandMulti-DeviceLicensing) 89 Table49:DIGIPASS–RecentActivity 90 Table50:DIGIPASSApplicationFields 91 Table51:AuditMessage 92 Table52:PolicyProperties-Policy 96 Table53:PolicyProperties-User 98 Table54:PolicyProperties–DIGIPASS 102 Table55:ChallengePolicyFields 105 Table56:SecureChannelPolicyFields 106 Table57:VirtualMobileAuthenticatorPolicyFields 107 IDENTIKEYAppliance3.17–AdministratorReference vii TableofContents Table58:PushNotificationPolicyFields 111 Table59:DIGIPASSControlParameters 112 Table60:OfflineAuthentication 115 Table61:PasswordRandomization 115 Table62:DynamicComponentRegistration 115 Table63:RADIUS 117 Table64:Pre-LoadedPolicies 119 Table65:ClientFields 125 Table66:LicenseFields 126 Table67:RADIUSFields 126 Table68:SOAP Fields 126 Table69:RADIUSBack-EndServerFields 127 Table70:MicrosoftActiveDirectoryBack-EndServerFields 128 Table71:NetIQeDirectoryBack-EndServerFields 129 Table72:Back-EndServerSettingsFields 131 Table73:OrganizationalUnitFields 133 Table74:ReportFields 133 Table75:GlobalConfiguration–Auditing 135 Table76:GlobalConfiguration–DIGIPASS ActivationDelayed 135 Table77:GlobalConfiguration–DIGIPASS ActivationCompleted 136 Table78:GlobalConfiguration–OfflineActivationData 137 Table79:GlobalConfiguration–Maker–Checker 138 Table80:GlobalConfiguration–ChallengeCache 139 Table81:GlobalConfiguration–ProvisioningCache 140 Table82:GlobalConfiguration–SignatureCache 140 Table83:GlobalConfiguration–PushNotification 141 Table84:GlobalConfiguration–VirtualMobileAuthenticator 141 Table85:GlobalConfiguration–VirtualSignature 142 Table86:MessageTemplatePlaceholders 143 IDENTIKEYAppliance3.17–AdministratorReference viii TableofContents Table87:ServerList–Summary 145 Table88:SupportedUserLogonFormatforMicrosoftActiveDirectory 146 Table89:SupportedUserLogonFormatforNetIQeDirectory 147 Table90:UserFieldList 150 Table91:DIGIPASSfieldlist 151 Table92:Auditfieldlist 152 Table93:PerformanceMonitoringCSVoutputfileformat 158 Table94:SNMP Traps-Parameters 165 Table95:MIBTable 168 Table96:LoginPermutations-Response-OnlyCleartextSeparate 171 Table97:LoginPermutations-Response-OnlySeparate 172 Table98:LoginPermutations-Response-OnlyCHAP/MSCHAP/MSCHAP2 172 Table99:LoginPermutations–2-StepChallenge/ResponseCleartextSeparate 173 Table100:LoginPermutations–VirtualMobileAuthenticator 174 Table101:IncomingPortsusedbyIDENTIKEYAppliance 175 Table102:OutgoingPortsusedbyIDENTIKEYAuthenticationServer 176 Table103:AuditMessageTypes 177 Table104:AuditMessages 177 Table105:AuditMessages(specifictoIDENTIKEYApplianceonly) 199 Table106:ErrorCodeList 200 Table107:DIGIPASSAuthenticationforWindowsLogonErrorMessages 209 Table108:VACMANControllerErrorCodes–AuthenticationandAdministration 210 Table109:VACMANControllerErrorCodes-DIGIPASSrecordimport 219 Table110:ConsoleWizardErrorCodes 223 Table111:StatusCodesList 224 Table112:TracingMessageTypes 236 Table113:TracingMessageLevels 238 Table114:TracingMessageContents 238 IDENTIKEYAppliance3.17–AdministratorReference ix 1.   Introduction 1. Introduction IDENTIKEY Appliance Administrator Reference is part of the documentation set about IDENTIKEY Appliance. It providesfieldexplanationsandotherorganizedreferencematerialfortechnicalexpertsusingIDENTIKEYAppliance andisintendedforreferenceonly. Ifnotstatedotherwise,theinformationinthisguidealsoappliestoIDENTIKEY VirtualAppliance. Warning ComponentsorfeaturesdescribedinthisdocumentmayneedtobeconfiguredtomeetthestandardsoftheGen- eralDataProtectionRegulation(GDPR).Ifyourorganizationiscollectingorinanycapacityprocessingdataoncit- izensofaEuropeanUnioncountry,yourorganizationissubjecttotheGDPR.Formoreinformationonthissubject matter,refertotheIDENTIKEYApplianceGeneralDataProtectionRegulationComplianceGuide. 1.1. IDENTIKEY ApplianceDocumentation Set ThefollowingIDENTIKEYApplianceguidesareavailable: n IDENTIKEYApplianceAdministratorGuide.Explainsthestepsneededforadministrationtasks,including monitoringandtroubleshooting. n IDENTIKEYApplianceAdministratorReference.Providesfieldexplanationsandotherorganizedreference materialfortechnicalexpertsusingIDENTIKEYApplianceintendedforreferenceonly. n IDENTIKEYApplianceInstallationandMaintenanceGuide.Explainsthestepsrequiredtoconnectthe IDENTIKEYAppliancetoyournetwork,first-timeconfigurationandmaintenanceprocedures,suchas updatingandre-licensing. n IDENTIKEYApplianceProductGuide.Describesthestructureoftheproduct,theconceptsunderpinning authenticationandhowIDENTIKEYAppliancecansupportauthenticationwithinanexistinginfrastructure. n IDENTIKEYApplianceGeneralDataProtectionRegulationComplianceGuide:providesgeneralinformation abouttheEUGeneralDataProtectionRegulation(GDPR),itsimplicationsonIDENTIKEYApplianceand providesinstructionstoachieveGDPRcompliancewhereadditionaladaptationsorproceduresare required. n IDENTIKEYAuthenticationServerSDKProgrammerGuide.Providesin-depthinformationrequiredfordevel- opmentworkusingtheSDK.ThisdocumentisrelevanttoSOAPAuthentication,electronicsignaturesand provisioningusingtheIDENTIKEYAppliance. n DocumentsaboutDIGIPASSAuthenticationforWindowsLogon.Provideinformationabouttheconcepts, installationandconfiguration,setup,andprocedurestotestDIGIPASSAuthenticationforWindowsLogon. n TwoPasswordSynchronizationManagerguidesforinstallationandusageinformation. n Filterguidesforeachavailablefilterforinstallationandusageinformation. Access to the IDENTIKEY Appliance documentation is provided via the IDENTIKEY Appliance Configuration Tool. ManualsforIDENTIKEYApplianceadd-onsareprovidedontheCD-ROMdeliveredwiththeappliance. IDENTIKEYAppliance3.17–AdministratorReference 10

Description:
you, your company, or any third party arising from the use or inability to use VASCO Software or . Table47: DIGIPASS – Activation Information (Standard Activation and Licensing) Table74: GlobalConfiguration – Auditing IDENTIKEY Authentication Server SDK Programmer Guide. International.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.