Chapter 9 Authentication

STEP 1 A user logs on to the device to gain access to network resources. To access network services through the device Firewall, the user opens up a standard Web browser and logs in using the LAN IP address of the device via HTTPS.

STEP 2 When prompted, the user enters a username and password.

STEP 3 The device authenticates the user (checks that the user is listed in the database and that the username and password are correct). Two methods are available for user authentication:

• Using a RADIUS authentication server. This is the preferred method for large networks.

• Using the local X family database. This can be used if no RADIUS server is available, typically for small networks.

If no matching username and password can be located in the database, the firewall denies the login request.

If a matching user is found, the firewall applies the privileges associated with the privilege group to which the user belongs.

STEP 4 When a user requests a network service in another security zone, the device applies the relevant firewall rule for the type of service or application being requested:

• If a firewall rule is restricted to authenticated users and the user requesting the service is not in a privilege group that requires Firewall Rule Authentication, firewall rule matching skips to the next firewall rule in the table looking for a match.

For more detailed information on user authentication, refer to the Concepts Guide.
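The flow in steps 3 and 4, as an added Python model that is not part of the guide and is not the device's code. The PBKDF2 hashing, the sample users and rules, and the per-group boolean standing in for Firewall Rule Authentication are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

SALT = b"constructed-salt"  # constructed sample value

def _hash(password: str) -> bytes:
    # PBKDF2 is this model's choice; the guide does not say how passwords are stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed local database: username -> (password hash, privilege group).
LOCAL_USERS = {"alice": (_hash("correct horse"), "staff"),
               "bob": (_hash("hunter2"), "guests")}
# Assumption: Firewall Rule Authentication modelled as a per-group boolean.
RULE_AUTH_GROUPS = {"staff": True, "guests": False}

@dataclass
class Rule:
    name: str
    service: str                  # service name, or "any"
    action: str                   # "permit" or "block"
    auth_required: bool = False   # rule restricted to authenticated users

# Constructed rule table, evaluated top to bottom.
RULES = [Rule("web-authenticated", "http", "permit", auth_required=True),
         Rule("block-everything-else", "any", "block")]

def login(username: str, password: str):
    """Step 3: return the privilege group, or None when the login is denied."""
    # Unknown users are checked against a dummy hash so both paths do the same work.
    stored, group = LOCAL_USERS.get(username, (_hash(""), None))
    ok = hmac.compare_digest(stored, _hash(password))
    return group if ok and group is not None else None

def match(rules, service: str, group):
    """Step 4: first applicable rule wins; returns None if nothing matches."""
    for rule in rules:
        if rule.service not in (service, "any"):
            continue
        if rule.auth_required and not RULE_AUTH_GROUPS.get(group, False):
            continue  # skip to the next firewall rule in the table
        return rule
    return None

if __name__ == "__main__":
    for user, pw in [("alice", "correct horse"), ("bob", "hunter2"), ("alice", "wrong")]:
        group = login(user, pw)
        rule = match(RULES, "http", group)
        print(user, group, rule.name if rule else "no match")
```

In this model a user skipped by an authentication-restricted rule is decided by the next applicable rule, which is why the sample table ends with a block rule.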

RADIUS

The X family supports user authentication via Remote Authentication Dial-In User Service (RADIUS). RADIUS authentication may be used in place of the embedded user database within TOS, and may be used for all authenticated access for Local Users.

The following activities may be authenticated using RADIUS:

• VPN client dialup

• Inter-site VPN access

• Internet access

• Web filtering bypass

You can view and manage the RADIUS configuration parameters from the RADIUS page (Authentication > Radius).

Configure RADIUS

STEP 1 From the LSM menu, select Authentication > RADIUS.

STEP 2 On the RADIUS page, check Enable RADIUS authentication to use remote user authentication.

STEP 3 To specify the activities managed by RADIUS authentication, check User Authentication and/or VPN Client Access.

252 X Family LSM User’s Guide V 2.5.1