Specifications
10 VACMAN Middleware features
10.1 Installation
The VACMAN Middleware (VM) installation is very easy and straightforward. VM runs
on Windows platforms, supports a variety of databases and uses online
registration. Different authentication methods allow seamless integration into
existing environments.
10.1.1 Support for Windows 2000, 2003, IIS5 and IIS6
VM can be installed on Windows 2000 and Windows 2003. Web modules exist for IIS5
and IIS6 to protect Citrix Web Interface, Citrix Secure Gateway, Citrix Secure Access
Manager (Form-based authentication), Citrix Access Gateway and Microsoft Outlook
Web Access 2000 and 2003 (Basic Authentication and Form-Based Authentication).
10.1.2 Support for ODBC databases and Active Directory
Any ODBC-compliant database (MS SQL Server, Oracle) can be used instead of the
default PostgreSQL database. Since Version 2.3 of VACMAN Middleware, AD is no longer
intended only for storage of DIGIPASS: configuration and management of
your DIGIPASS infrastructure are now also fully integrated into the AD management
tools. This option requires an AD schema update.
10.2 Deployment
Several VACMAN Middleware features exist to facilitate deployment. Combining these
features provides different deployment scenarios from manual to fully automatic.
10.2.1 Dynamic User Registration (DUR)
This feature allows VM to check a username and password that are not in the database
against a back-end RADIUS server or a Windows domain controller and, if the username
and password are valid, to create the username in the VM database.
10.2.2 Autolearn Passwords
This feature saves administrators time and effort by allowing them to change a user’s
password in one location only. If a user tries to log in with a password that does not
match the password stored in the VM database, VM can verify it with the back-end RADIUS
server or the Windows domain controller and, if correct, store it for future use.
10.2.3 Stored Password Proxy
This feature allows VM to save a user’s RADIUS server password or Windows domain
controller password in the database (static password). Users can then log in with only
username and dynamic one-time password (OTP). If this feature is disabled, users must
log in with username and static password immediately followed by the OTP.
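The interplay of DUR, Autolearn Passwords and Stored Password Proxy described above, as a simplified model added here (not VASCO code and not part of the original guideline). Assumptions: a 6-character OTP, a fixed OTP table standing in for DIGIPASS validation, a DUR login that carries the static password only, and the hypothetical names VMModel, login and scenario; the authentication-method settings are not modelled.

```python
import hmac

OTP_LEN = 6  # assumption: fixed-length OTP, so "password followed by OTP" can be split

def same(a, b):
    return hmac.compare_digest(a.encode(), b.encode())

class VMModel:
    def __init__(self, backend, otps, dur, autolearn, stored_proxy):
        self.backend = backend  # user -> password on the RADIUS server / domain controller
        self.otps = otps        # user -> OTP currently valid (stand-in for DIGIPASS validation)
        self.dur, self.autolearn, self.stored_proxy = dur, autolearn, stored_proxy
        self.db = {}            # VM database: user -> stored static password, None until learned
    def backend_ok(self, user, password):
        return user in self.backend and same(self.backend[user], password)
    def otp_ok(self, user, otp):
        return user in self.otps and same(self.otps[user], otp)
    def login(self, user, typed):
        if user not in self.db:
            # DUR: unknown user, check the back-end with the typed static password, create on success.
            if self.dur and self.backend_ok(user, typed):
                self.db[user] = None
                return "registered"
            return "rejected"
        stored = self.db[user]
        if self.stored_proxy and stored is not None and len(typed) == OTP_LEN:
            static, otp = stored, typed  # Stored Password Proxy: only the OTP was typed
        else:
            static, otp = typed[:-OTP_LEN], typed[-OTP_LEN:]
        if not self.otp_ok(user, otp):
            return "rejected"
        if stored is None or not same(stored, static):
            # Autolearn: stored password missing or stale, verify with the back-end and keep it.
            if not (self.autolearn and self.backend_ok(user, static)):
                return "rejected"
            self.db[user] = static
        return "accepted"

def scenario():
    backend = {"alice": "Spring2007"}  # constructed sample data
    vm = VMModel(backend, {"alice": "123456"}, dur=True, autolearn=True, stored_proxy=True)
    steps = [vm.login("alice", "Spring2007"),        # DUR creates the user
             vm.login("alice", "123456"),            # OTP only, nothing learned yet
             vm.login("alice", "Spring2007123456"),  # Autolearn stores the password
             vm.login("alice", "123456")]            # OTP only now works
    backend["alice"] = "Summer2007"                  # password changed on the back-end
    steps.append(vm.login("alice", "Summer2007123456"))
    return steps, vm.db["alice"]
```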
10.2.4 Authentication Methods
Different authentication methods can be set on server level and on user level: local
authentication (VM only) or back-end authentication (Windows or RADIUS). On top of
that, a combination of local and back-end can be configured. The additional parameters
‘always’, ‘if needed’ and ‘never’ offer you additional customization of the back-end
authentication process.
DIGIPASS Authentication for WatchGuard Firebox - Integration Guideline V1.0
© 2007 VASCO Data Security. All rights reserved.