McAfee QUICKCLEAN 1.0 User's Guide

Browse online or download User's Guide for Networking McAfee QUICKCLEAN 1.0. McAfee QUICKCLEAN 1.0 Product guide [en] User Manual

  • Download
  • Add to my manuals
  • Print

Summary of Contents

Page 1 - Product Guide

Product GuideRevision AMcAfee Enterprise Authentication 1.0.0

Page 2 - License Agreement

Deployment10McAfee Enterprise Authentication 1.0.0 Product Guide

Page 3 - Contents

2Deployment optionsEnterprise Authentication offers several options to meet your deployment needs.Contents Types of installations Web-based inte

Page 4

• Failover — If one server fails, the other servers within the cluster automatically absorb theworkload.• High Availability — The ability for each ser

Page 5 - About this guide

Multi-tenancyTenants represent businesses within an enterprise or companies that subscribe to cloud-based servicesthrough a Service Provider.In a mult

Page 6 - Find product documentation

• Manage tokens• Manage PINs2Deployment optionsTenancy and administrator roles14McAfee Enterprise Authentication 1.0.0 Product Guide

Page 7 - Introduction

3Deployment scenariosWhen creating your deployment plan, consider each Enterprise Authentication deployment scenarios.You can implement Enterprise Aut

Page 8 - How authentication works

Considerations• UPD ports configured on the Enterprise Authentication server and RADIUS client are identical.• The shared secrets configured on the En

Page 9

How it worksFigure 3-2 Enterprise Authentication as the Identity ProviderNumber Description1 Users request access protected applications and are redi

Page 10 - Deployment

3Deployment scenariosEnterprise Authentication as the Identity Provider18McAfee Enterprise Authentication 1.0.0 Product Guide

Page 11 - Deployment options

4Plan your deploymentBefore you install Enterprise Authentication, plan and prepare your network environment.Contents Requirements Authenticatio

Page 12 - Web-based interface

COPYRIGHTCopyright © 2014 McAfee, Inc. Do not copy without permission.TRADEMARK ATTRIBUTIONSMcAfee, the McAfee logo, McAfee Active Protection, McAfee

Page 13 - Multi-tenancy

Table 4-1 Requirements (continued)Component RequirementUser data stores These user data stores are supported:• Active Directory (AD)• Lightweight Dir

Page 14 - • Manage PINs

Example: When using MFA to gain access to protected resources, users are authenticated using theirpassword and one-time password. Enterprise Authentic

Page 15 - Deployment scenarios

• Identity theft — Since passwords are more prone to theft, certificates ensure that identityinformation is valid and secure.• Unauthorized access — W

Page 16 - Considerations

Table 4-3 Environment structure (continued)Determine... VerifiedThat you have administrator rights on all servers you intend to useIf these minimum r

Page 17 - How it works

Table 4-5 Resources (continued)Determine... VerifiedIf you plan to send one-time passwords using the McAfee Message Gateway. If so, youmust have a:•

Page 18

SetupInstall Enterprise Authentication on your computer and complete thepost-installation tasks.Chapter 5 InstallationChapter 6 Post-installation task

Page 19 - Plan your deployment

Setup26McAfee Enterprise Authentication 1.0.0 Product Guide

Page 20 - Authentication methods

5InstallationTo complete the installation, download and install the Enterprise Authentication product files on yoursupported server-class operating sy

Page 21

5InstallationInstall the product files28McAfee Enterprise Authentication 1.0.0 Product Guide

Page 22 - Deployment checklist

6Post-installation tasksTo ensure your network is prepared for authentication, complete the post-installation tasks.Contents Set up clusters Acc

Page 23

ContentsPreface 5About this guide ... 5Audience ... 5Conventions ...

Page 24

5Verify the cluster setup.aOn the administration interface, click the Cluster tab.bMove your cursor over the server and verify that the correct inform

Page 25 - Chapter 5 Installation

Add tenantsTo add tenants that are hosted on the same Enterprise Authentication server, use the administrationinterface.Task1In the administration int

Page 26

6Post-installation tasksAdd tenants32McAfee Enterprise Authentication 1.0.0 Product Guide

Page 27 - Installation

Configuration and useUse the Enterprise Authentication web-based components to configure yourauthentication options.Chapter 7 Processing authenticatio

Page 28 - Install the product files

Configuration and use34McAfee Enterprise Authentication 1.0.0 Product Guide

Page 29 - Post-installation tasks

7Processing authentication requests withflowsWhen users request access to protected resources, Enterprise Authentication uses authentication flowsto s

Page 30 - Change the default HTTP port

The response of each processed action determines whether the user is granted access to the protectedresource.Both configuration options include these

Page 31 - Add tenants

eClick Add.fCheck and resolve any possible condition conflicts.7Click Next.Configure SAML Identity Provider flows using the guidedconfiguration toolUs

Page 32

Create custom authentication flowsTo create custom authentication flows that meet your specific network needs, manually combineEnterprise Authenticati

Page 33 - Configuration and use

Import tokensTo enable user token authentication, import tokens to Enterprise Authentication.Task1On the administration interface, click the Main tab,

Page 34

Log on to the administration interface ... 30Change the built-in administrator account credentials ... 30Add tenants .

Page 35

Table 7-2 Tenant mapping configuration options Option Task stepsBind listener to tenant1From the Tenant drop-down list, select the tenant.2Click OK.B

Page 36

Connect Enterprise Authentication to data sourcesConnect Enterprise Authentication to the data sources where your user data is stored.Tasks• Add a con

Page 37

cIf the LDAP directory server uses an SSL connection, select the SSL enabled checkbox.dIn the Port field, enter the LDAP directory server port.eIn the

Page 38 - Upload certificates

6Add conditions.aClick Add.bIn the Attribute field, enter the attribute on which you want to build the condition.cSelect one of these operators:•must•

Page 39 - Configure listeners

Table 7-5 Configurable action options (continued)Task StepsAdd listeners to the action.1Next to the action, click +.2Click Add listener response hand

Page 40 - Configure HTTP listeners

8Assigning administrator permissionsAssign administrator permission sets to network users.Contents Assign system administrator permissions Confi

Page 41

Configure Pledge Profile Service settingsTo enable users to use their Pledge software token, configure the Pledge Profile Service settings.Task1Click

Page 42

See also Add a connection to the LDAP directory on page 41Add a connection to the Active Directory on page 42Configure SMTP settingsTo enable users to

Page 43 - Import authentication flows

8Assigning administrator permissionsAssign tenant administrator permissions48McAfee Enterprise Authentication 1.0.0 Product Guide

Page 44

9Assisting users with Web ManagerTo assist users with their authentication settings, user administrators use the Web Manager interface.Contents Log

Page 45

PrefaceThis guide provides the information you need to work with your McAfee product.Contents About this guide Find product documentationAbout t

Page 46

Update user telephone numbersTo ensure that one-time passwords are delivered to the correct devices, keep the user telephonenumber current.Task1Double

Page 47 - Configure SMTP settings

Enable the Pledge Profile ServiceTo enable users to use Pledge, configure the Pledge Profile Service settings.Task1Double-click the user account.2Clic

Page 48

Generate user PINsWhen enabled, generate PINs that are used for authentication.Task1Double-click the user account.2Click the PIN Code tab.3Click Gener

Page 49 - Search for users and tokens

10MaintenanceMaintain the Enterprise Authentication software.Contents Uninstall the software Uninstall cluster installationsUninstall the softwa

Page 50 - Assign and manage tokens

10MaintenanceUninstall cluster installations54McAfee Enterprise Authentication 1.0.0 Product Guide

Page 51 - Manage tokens

IndexAabout this guide 5actions 35active directory 22, 42administration interface 12administration interface, log on 30administrator accountbuilt-in 3

Page 52 - Generate user PINs

EEnterprise Authenticationabout 7how it works 7Ggrant number 27guided configurationradius authentication flow 36saml identity provider 37Hhardware mem

Page 53 - Maintenance

WWeb Managerlog on 49logon credentials 46permissions 13pin 52Pledge Profile Service 51reset user lockout 50Web Manager (continued)token search 49token

Page 54

0-A00

Page 55

Find product documentationAfter a product is released, information about the product is entered into the McAfee online KnowledgeCenter.Task1Go to the

Page 56

1IntroductionProtect your enterprise network data and resources against unauthorized access by integratingMcAfee® Enterprise Authentication (Enterpris

Page 57

• Remote Authentication Dial-In User Service (RADIUS)• Security Assertion Markup Language (SAML)• Hyper Text Transfer Protocol/Secure Sockets Layer (H

Page 58

DeploymentBefore you deploy Enterprise Authentication on your network, consider youroptions and create your deployment plan.Chapter 2 Deployment optio

Comments to this Manuals

No comments