• The Security tab
This tab consists of the following settings:
i. Encryption key - This is the key used to encrypt communication with NetDefendOS. By
default, this value will be the same as the default value of the Pre-Shared Key property of
the corresponding NetDefendOS Authentication Agent object. For improved security, it is
recommended that this key is changed by the administrator, both for the IDA and the
corresponding NetDefendOS Authentication Agent object.
ii. Allowed IPs/networks - This specifies the source IPv4 addresses from which the IDA will
accept NetDefendOS connections. The default value of 0.0.0.0/0 means all IPv4 addresses
are acceptable. The administrator can improve security by narrowing this to a specific
network or IP address where the connecting NetDefend Firewall is located.
Figure 8.6. The Security Tab in the IDA Interface
• The Excluded Users tab
In this tab, it is possible to set up an exclusion list for the IDA so that users on the list will not
have their authentication status sent back to NetDefendOS by the IDA service. The full User
Principal Name (UPN) must be used to specify excluded users, for example:
myusername@mydomainname.local
.
Often, it is appropriate to include the administrator's own account on this exclusion list. The
excluded users feature exists only in version 1.01.00 or later of the IDA software.
Chapter 8: User Authentication
647
To Next Page
Loading...
