8.2. Authentication Setup
8.2.1. Setup Summary
The following list summarizes the steps for User Authentication setup with NetDefendOS:
•
Have an
authentication source
which consists of a database of users, each with a
username/password combination. Any of the following can be an authentication source:
i.
A local user database internal to NetDefendOS.
ii.
A
RADIUS server
which is external to the NetDefend Firewall.
iii.
An
LDAP Server
which is also external to the NetDefend Firewall.
•
Define an
Authentication Rule
which describes which traffic passing through the firewall is to
be authenticated and which
authentication source
will be used to perform the authentication.
These are described further in
Section 8.2.5, “Authentication Rules”
.
•
If required, define an IP object for the IP addresses of the clients that will be authenticated.
This can be associated directly with an authentication rule as the originator IP or can be
associated with an
Authentication Group
.
•
Set up IP rules to allow the authentication to take place and also to allow access to resources
by the clients belonging to the IP object set up in the previous step.
The sections that follow describe the components of these steps in detail. These are:
•
Section 8.2.2, “Local User Databases”
•
Section 8.2.3, “External RADIUS Servers”
•
Section 8.2.4, “External LDAP Servers”
•
Section 8.2.5, “Authentication Rules”
8.2.2. Local User Databases
A
Local User Database
is a registry internal to NetDefendOS which contains the profiles of
authorized users and user groups. Combinations of usernames/password can be entered into
these with passwords stored using reversible cryptography for security. By default, a single local
user database exists called
AdminUsers
. Extra databases can be created by the administrator as
required.
Example 8.1. Creating a Local User Database
This example shows how to create a new user database called
lan_users
.
Command-Line Interface
gw-world:/> add LocalUserDatabase lan_users
Chapter 8: User Authentication
610
Summary of Contents for NetDefendOS
Page 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Page 32: ...Chapter 1 NetDefendOS Overview 32 ...
Page 144: ...Chapter 2 Management and Maintenance 144 ...
Page 284: ...Chapter 3 Fundamentals 284 ...
Page 392: ...Chapter 4 Routing 392 ...
Page 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Page 420: ...Chapter 5 DHCP Services 420 ...
Page 573: ...Chapter 6 Security Mechanisms 573 ...
Page 607: ...Chapter 7 Address Translation 607 ...
Page 666: ...Chapter 8 User Authentication 666 ...
Page 775: ...Chapter 9 VPN 775 ...
Page 819: ...Chapter 10 Traffic Management 819 ...
Page 842: ...Chapter 11 High Availability 842 ...
Page 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Page 879: ...Chapter 13 Advanced Settings 879 ...