Manualshelf

Product guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED
151152153154155156157158159160
Task
1
From the Intel
®
SCS Console, click the icon to create a profile and to open the Configuration Profile
wizard.
2
In Profile Description, enter a unique name, then click Next.
3
In Optional Settings, select Access Control List (ACL), Transport Layer Security (TLS), and Active Directory Integration (if
using Kerberos authentication), then click Next.
4
If using Digest authentication, skip to the next step. Otherwise, in the Active Directory Integration page,
click ... next to Active Directory OU and select the Organizational Unit where the system is stored in the
Active Directory, then click Next.
During configuration, the Intel
®
SCS sends a request to the AD to create an object representing the
Intel
®
AMT system and adds it to the Active Directory Organizational Unit (ADOU) that you define.
5
On the Access Control List (ACL) page, click Add, then perform these steps on the User/Group Details page:
a
For User Type, select Digest User to use Digest authentication, or Active Directory User/Group to use
Kerberos authentication, as needed.
b
Provide credentials for the selected authentication type:
For Digest User, type the user name and password.
For Active Directory User/Group, click Browse, then select a domain user or group.
c
From the Access Type drop-down list, select Both.
d
For Realms, select PT Administration, then click OK.
6
On the Transport Layer Security (TLS) page, select Request certificate from Microsoft CA, then perform these
steps as needed, then click Next.
a
In Certificate Authority, select the Microsoft Certification Authority server to be used.
b
From the Server Certificate Template, select the required certificate template. Click Refresh CAs &
Templates if the newly created template is not getting populated..
c
From the Common Names (CNs) in certificate subject name, select Default CNs.
We recommend that you don't select Use mutual authentication for remote. When an Intel
®
AMT system is
configured using a profile that uses both local and remote Mutual Authentications, the Remote
Access policy enforcement to the client might fail.
7
On the System Settings page, perform these steps as needed, then click Next.
a
In Management Interfaces, select all these options:
Web UI
Serial Over LAN
IDE redirection
KVM redirection
b
In Power Management Settings, select Always on (S0-S5).
Additional information
Set up the environment for Microsoft CA authentication
A
McAfee ePO Deep Command 2.1.0 Product Guide
155