Celestix MSA 4200 Series Installation Guide Page 55
- Page / 101
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
51 | Page Celestix HOTPin Appliance Installation Guide
To access token provider properties:
Navigate to HOTPin|Providers. 1.
Select a provider from the list. 2.
Click Properties. 3.
Properties will vary among the different providers. See the individual provider’s
section for details about configuration.
Provider Security Considerations
This section discusses some issues that system administrators should review
when considering the use of token providers in a HOTPin system deployment.
You should evaluate the risks to determine whether provider options are
acceptable for your organization.
A token provider is as secure as the encryption method for the technology being
used. If email is sent in plain text, or the HTTP provider is not deployed with
SSL/TLS, then the sent token code is vulnerable. Both email and HTTP traffic
can be sniffed or intercepted while traveling over the Internet; you should
consider whether using HTTPS options provide the necessary level of security.
SMS messages are handled by third-party service carriers and you should
review the technology for any issues that may compromise secure access to
your network resources.
Please Note: To use a stolen code, the malicious user would need to know
where to log in as well as the user name and PIN* for the account
the intercepted code belongs to (*if PIN requirement is enabled).
To decrease potential risk for provider options, the next available token code is:
Sent only once to the user.
Valid for a limited amount of time. See Configure System Settings :
Token Provider for Sent Code TTL (time to live).
It is also important to note that the loss of a single token code does not
compromise the system as it does not provide information that would allow a
hacker to guess the next token value. A lost user device with active client
software, for example, does represent a security issue (thus for client software
deployments, users should be instructed to report lost devices immediately).
System administrators can also improve security by incrementing a user's
authentication failure counter each time a token provider sends the user a token
code. When the maximum is reached the account is locked out (see Configure
System Settings : Authentication : Maximum Authentication Failures).
- Installation Guide 1
- Contents 4
- Introduction 5
- Document conventions: 6
- Web User Interface 7
- Verify Package Contents 8
- Appliance Hardware Features 9
- HOTPin System Overview 10
- User Authentication 11
- User Login Information 12
- General Setup Information 12
- Version Information 13
- Active Directory 13
- The Next Step 14
- Accounts section 15
- Install the Appliance 16
- Network Settings 17
- Rack Your Appliance 18
- To connect your appliance: 19
- Front Panel Display 21
- Jog Dial Operation 21
- Configure the HOTPin System 23
- Configure Initial Access 24
- Quick Setup Steps 26
- Date/Time 27
- Administrator Password 28
- Server Name 28
- Server Membership 29
- Alert Email 30
- Configure the Application 31
- Install Your License 32
- Configure System Settings 33
- General Tab 34
- Event Log Tab 35
- Backup Tab 36
- Enable the User Website 37
- User Site Disabled 38
- User Site w/ All Features 38
- Website Access 39
- Manage User Site Settings 39
- Configure Website Settings 41
- Configure AD Settings 43
- User Website Notes 44
- Configure AD Synchronization 45
- Synchronization Overview 46
- Sync Process Functionality 47
- • Click OK 50
- Manual Sync 51
- Import External Token Keys 52
- Configure Token Providers 54
- Test Provider Feature 56
- Token Provider Options 56
- COM Port Locations 62
- HOTPin User Accounts 64
- Manage User Accounts 65
- Add a User 67
- New User Property Settings 68
- Change User Account Settings 69
- Edit Individual Users 70
- Token Tab 71
- Edit Groups of Users 72
- Import Users 74
- Importing from a Text File 77
- To assign an external key: 78
- Client Software 79
- Download User Token Key 80
- Key Configuration Formats 81
- QR Code 82
- Create a System Image 84
- To create a system image: 85
- To create an LGV: 86
- Update Software 87
- Appendices 88
- HOTPin Glossary 89
- AD Synchronization 94
- Additional Features 97
- API Extensions 98
- Safety Precautions 99
- Property 101
- Network Information 101
Related products and manuals for Gateways/controllers Celestix MSA 4200 Series
(9 pages)
(6 pages)© 2020, manymanuals.com. All rights reserved. | 1.900 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals