Using SafeWord for Authentication

Removing Realms

If you are retiring an authentication server or removing a domain server, you can remove any realm except for the realm named Default. You can remove the Default realm only if you immediately create a new realm named Default. For more information, see “Configuring the Default Realm” on page 65.

To remove a realm

1On the Authentication tab, open the realm you want to remove.

2On the Action menu, click Remove realm name realm.

The realm is removed.

Note

If you remove the Default realm and do not immediately replace it as described above, the Firebox SSL VPN Gateway retains the Default realm that you attempted to remove.

Using SafeWord for Authentication

Configuring Secure Computing SafeWord Authentication

The SafeWord product line provides secure authentication using a token-based passcode. After the passcode is used, it is immediately invalidated by SafeWord and cannot be used again.

The Firebox SSL VPN Gateway supports SafeWord authentication to the following Secure Computing products:

SafeWord PremierAccess

SafeWord for Citrix

SafeWord RemoteAccess

Configuring the Firebox SSL VPN Gateway to authenticate using Secure Computing’s SafeWord products can be done in several ways:

Configure authentication to use a PremierAccess RADIUS server that is installed as part of SafeWord PremierAccess and allow it to handle authentication.

Configure authentication to use the SafeWord IAS agent, which is a component of SafeWord RemoteAccess, SafeWord for WatchGuard, and SafeWord PremierAccess 4.0.

Install the SafeWord Web Interface Agent to work with the WatchGuard Web Interface. Authentication does not have to be configured on the Firebox SSL VPN Gateway and can be handled by the WatchGuard Web Interface. This configuration does not use the PremierAccess RADIUS server or the SafeWord IAS Agent.

Configuring SafeWord Settings on the Access Gateway

When configuring the SafeWord server, you need the following information:

The IP address of the Firebox SSL VPN Gateway. This should be the same as what is configured on the RADIUS server client configuration.

A shared secret. This secret is also configured on the Authentication tab on the Firebox SSL VPN Gateway.

The IP address and port of the SafeWord server.

Administration Guide

67

Page 76 Page 78
Page 77
Image 77
WatchGuard Technologies SSL VPN manual Using SafeWord for Authentication, Removing Realms, To remove a realm
Page 76 Page 78

SSL VPN specifications

WatchGuard Technologies offers a robust SSL VPN solution designed for secure remote access to corporate networks. As businesses increasingly rely on a remote workforce, the need for secure and reliable connectivity has never been more critical. WatchGuard's SSL VPN features advanced security technologies that ensure data integrity and confidentiality while enabling seamless access to applications and resources.

One of the standout features of WatchGuard's SSL VPN is its user-friendly interface. The solution is designed to simplify the user experience, enabling employees to connect to the VPN with minimal complexity. With a straightforward setup process, users can quickly establish secure connections from various devices, including laptops, smartphones, and tablets. This flexibility supports a diverse workforce, allowing employees to work from different locations without compromising security.

In addition to its ease of use, WatchGuard's SSL VPN is built on robust security technologies. It employs end-to-end encryption to safeguard data in transit, ensuring that only authorized users can access sensitive information. By utilizing SSL (Secure Sockets Layer) protocols, the VPN creates a secure tunnel between the user’s device and the corporate network, protecting against potential threats such as eavesdropping or man-in-the-middle attacks.

Moreover, WatchGuard Technologies includes multiple authentication options, adding another layer of security. The solution supports multi-factor authentication (MFA), requiring users to provide additional verification beyond just a password. This could involve mobile device verification or biometric authentication, significantly reducing the risk of unauthorized access.

Another key characteristic of WatchGuard’s SSL VPN is its integration with other WatchGuard security solutions. Businesses can benefit from a comprehensive security posture by leveraging firewalls and intrusion prevention systems along with the SSL VPN. This holistic approach ensures that remote connections are continually monitored and secured against evolving cyber threats.

Scalability is also a crucial aspect of WatchGuard's SSL VPN, accommodating growing organizations with changing needs. The solution can easily scale to support an increasing number of remote users without compromising performance. With robust performance metrics, businesses can ensure that even during peak usage times, the VPN remains responsive and reliable.

In summary, WatchGuard Technologies' SSL VPN solution combines ease of use, robust security, flexible authentication, and scalability. These features make it an ideal choice for organizations seeking to provide secure remote access to their employees while maintaining a strong defense against cyber threats. With WatchGuard, businesses can confidently navigate the challenges of a digital landscape, ensuring their network remains secure as they embrace remote work.
Top Page Image Contents