Specifications

10.3.3 User Self Management Web Site

A web site running on IIS has been developed to allow users to register themselves to

the VM with their username and back-end (RADIUS or Windows) password, to do a

DIGIPASS self assign, to update their back-end password stored in the VM database,

to do a change PIN (Go-1/Go-3 DIGIPASS), to do a DIGIPASS test.

Figure 89: VM Features (3)

10.3.4 Delegated administration

Administration can be delegated by appointing different administrators per

organizational unit (OU). These administrators can only see the DIGIPASS and users

that were added to his OU.

10.3.5 Granular access rights

It is possible in VACMAN Middleware to setup different permission per user. This can

be in function of a domain or an organizational unit. Administrators belonging to the

Master Domain may be assigned administration privileges for all domains in the

database, or just their own domain. Administrators belonging to any other Domain will

have the assigned administration privileges for that Domain only.

It’s possible to set different operator access levels.

E.g. A user can be created that only has the rights to unlock a DIGIPASS.

Figure 90: VM Features (4)

DIGIPASS Authentication for WatchGuard Firebox - Integration Guideline V1.0