SlideShare a Scribd company logo

Access control

Download as PPTX, PDF
Aravindan A
Aravindan A

Access control

Technology
1 of 7
Access Control
Topics Covered: • Overview • ConfigurationSteps • DualAuthentication • Multi-domainLDAPAuthentication
Access Control Overview • TheWAF can authenticateusersusingexternalauthenticationservices • Authenticationcanbeimplemented onlyforHTTPorHTTPSservice • Avalidated userhas accessdependingon hisauthorization privileges Tommy Username Password tommy ******** Submit WAF Authentication Authorization Service Web Server login_page.html Authentication Server • 5 – Access Control
Access Control Configuration Steps 1. Configure anAuthenticationDatabase a. External b. Internal 2. AssociatetheAuthenticationDatabasetoyourService 3. Configure theAuthorization Policyforyour Service 2 3 1b1a • 5 – Access Control
Dual Authentication • Authenticationmodule supportsdualauthentication • LDAP(Primary) • RSASecurID(Secondary) • Radiuswith OTP(Secondary) • 5 – Access Control Tommy LDAP RSA / Radius WAF Primary Authentication Secondary Authentication
Multi-domain Authentication • Allows the configurationof multiple domains fora service • Loginformat: domainusername • Userswithoutdomain are authenticatedagainstthe default domain • 5 – Access Control WAF Service jupiterjohn plutotommy Tommy Jupiter Domain Pluto Domain John
Access Control • ACCESSCONTROL> AuthenticationServices • Configure anLDAPserver • ACCESSCONTROL > Authentication • Bindtheconfigured LDAPserver withaservice • ACCESSCONTROL > Authorization • Createanauthorizationpolicy • 5 – Access Control Live Demo

Recommended

Securing mobile user
Securing mobile userSecuring mobile user
Securing mobile user
Lan & Wan Solutions
 
Web proxy server
Web proxy serverWeb proxy server
Web proxy server
Vikas Merugu
 
End point control
End point controlEnd point control
End point control
Lan & Wan Solutions
 
Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891
Lan & Wan Solutions
 
Virtual Private Networks
Virtual Private NetworksVirtual Private Networks
Virtual Private Networks
primeteacher32
 
Proxy Presentation
Proxy PresentationProxy Presentation
Proxy Presentation
primeteacher32
 
Calling Sametime, adding telephony to IBM Connections
Calling Sametime, adding telephony to IBM ConnectionsCalling Sametime, adding telephony to IBM Connections
Calling Sametime, adding telephony to IBM Connections
Gert van Kempen
 
Calling Connections, setting up Sametime (SUT Light) calls from Connections
Calling Connections, setting up Sametime (SUT Light) calls from ConnectionsCalling Connections, setting up Sametime (SUT Light) calls from Connections
Calling Connections, setting up Sametime (SUT Light) calls from Connections
LetsConnect
 

Recommended

Securing mobile user
Securing mobile userSecuring mobile user
Securing mobile user
Lan & Wan Solutions
 
Web proxy server
Web proxy serverWeb proxy server
Web proxy server
Vikas Merugu
 
End point control
End point controlEnd point control
End point control
Lan & Wan Solutions
 
Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891Useridentity 150909123719-lva1-app6891
Useridentity 150909123719-lva1-app6891
Lan & Wan Solutions
 
Virtual Private Networks
Virtual Private NetworksVirtual Private Networks
Virtual Private Networks
primeteacher32
 
Proxy Presentation
Proxy PresentationProxy Presentation
Proxy Presentation
primeteacher32
 
Calling Sametime, adding telephony to IBM Connections
Calling Sametime, adding telephony to IBM ConnectionsCalling Sametime, adding telephony to IBM Connections
Calling Sametime, adding telephony to IBM Connections
Gert van Kempen
 
Calling Connections, setting up Sametime (SUT Light) calls from Connections
Calling Connections, setting up Sametime (SUT Light) calls from ConnectionsCalling Connections, setting up Sametime (SUT Light) calls from Connections
Calling Connections, setting up Sametime (SUT Light) calls from Connections
LetsConnect
 
Iuwne10 S04 L04
Iuwne10 S04 L04Iuwne10 S04 L04
Iuwne10 S04 L04
Ravi Ranjan
 
Design Pattern Logical Model
Design Pattern Logical ModelDesign Pattern Logical Model
Design Pattern Logical Model
Mike Reams
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access Controls
Sam Bowne
 
[Webinar] End User Experience Monitoring with Site24x7
[Webinar] End User Experience Monitoring with Site24x7[Webinar] End User Experience Monitoring with Site24x7
[Webinar] End User Experience Monitoring with Site24x7
Site24x7
 
Aria ccs ivr
Aria ccs ivrAria ccs ivr
Aria ccs ivr
rsaini12
 
PHP Access Control: TERMINALFOUR t44u
PHP Access Control: TERMINALFOUR t44uPHP Access Control: TERMINALFOUR t44u
PHP Access Control: TERMINALFOUR t44u
Terminalfour
 
Proxy
ProxyProxy
Proxy
Triad Square InfoSec
 
OMNITRACKER Core Components
OMNITRACKER Core ComponentsOMNITRACKER Core Components
OMNITRACKER Core Components
Michael Dobner
 
CNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking AuthenticationCNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking Authentication
Sam Bowne
 
OAuth
OAuthOAuth
OAuth
Vijay Naik
 
Add a web server
Add a web serverAdd a web server
Add a web server
AgCharu
 
Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)
Mike Reams
 
Site24x7 Server Monitoring from the Cloud
Site24x7 Server Monitoring from the CloudSite24x7 Server Monitoring from the Cloud
Site24x7 Server Monitoring from the Cloud
Site24x7
 
Wap wml
Wap wmlWap wml
Wap wml
Ankit Anand
 
Ibm tivoli access manager online training
Ibm tivoli access manager online trainingIbm tivoli access manager online training
Ibm tivoli access manager online training
FuturePoint Technologies
 
WAF deployment
WAF deploymentWAF deployment
WAF deployment
Aravindan A
 
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
Precisely
 
59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf
DeepakAC3
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
Aravindan A
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
Dave Hay
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
PortalGuard dba PistolStar, Inc.
 
CloudStack Identity and Access Management (IAM)
CloudStack Identity and Access Management (IAM)CloudStack Identity and Access Management (IAM)
CloudStack Identity and Access Management (IAM)
Min Chen
 

More Related Content

What's hot

Aria ccs ivr
Aria ccs ivrAria ccs ivr
Aria ccs ivr
rsaini12
 
OMNITRACKER Core Components
OMNITRACKER Core ComponentsOMNITRACKER Core Components
OMNITRACKER Core Components
Michael Dobner
 

What's hot (15)

Iuwne10 S04 L04
Iuwne10 S04 L04Iuwne10 S04 L04
Iuwne10 S04 L04
 
Design Pattern Logical Model
Design Pattern Logical ModelDesign Pattern Logical Model
Design Pattern Logical Model
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access Controls
 
[Webinar] End User Experience Monitoring with Site24x7
[Webinar] End User Experience Monitoring with Site24x7[Webinar] End User Experience Monitoring with Site24x7
[Webinar] End User Experience Monitoring with Site24x7
 
Aria ccs ivr
Aria ccs ivrAria ccs ivr
Aria ccs ivr
 
PHP Access Control: TERMINALFOUR t44u
PHP Access Control: TERMINALFOUR t44uPHP Access Control: TERMINALFOUR t44u
PHP Access Control: TERMINALFOUR t44u
 
Proxy
ProxyProxy
Proxy
 
OMNITRACKER Core Components
OMNITRACKER Core ComponentsOMNITRACKER Core Components
OMNITRACKER Core Components
 
CNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking AuthenticationCNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking Authentication
 
OAuth
OAuthOAuth
OAuth
 
Add a web server
Add a web serverAdd a web server
Add a web server
 
Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)Sample Template for Single Sign-On (SSO)
Sample Template for Single Sign-On (SSO)
 
Site24x7 Server Monitoring from the Cloud
Site24x7 Server Monitoring from the CloudSite24x7 Server Monitoring from the Cloud
Site24x7 Server Monitoring from the Cloud
 
Wap wml
Wap wmlWap wml
Wap wml
 
Ibm tivoli access manager online training
Ibm tivoli access manager online trainingIbm tivoli access manager online training
Ibm tivoli access manager online training
 

Similar to Access control

Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
Precisely
 
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
Howard Greenberg
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
Precisely
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga
0xdec0de
 

Similar to Access control (20)

WAF deployment
WAF deploymentWAF deployment
WAF deployment
 
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
Increase IBM i Security & Accelerate Compliance with New Syncsort Security Re...
 
59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf59264945-Websphere-Security.pdf
59264945-Websphere-Security.pdf
 
Basic security and Barracuda VRS
Basic security and Barracuda VRSBasic security and Barracuda VRS
Basic security and Barracuda VRS
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
CloudStack Identity and Access Management (IAM)
CloudStack Identity and Access Management (IAM)CloudStack Identity and Access Management (IAM)
CloudStack Identity and Access Management (IAM)
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
 
Service management Dec 11
Service management Dec 11Service management Dec 11
Service management Dec 11
 
Service Management Dec 11
Service Management Dec 11Service Management Dec 11
Service Management Dec 11
 
Api security
Api security Api security
Api security
 
SharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San FranciscoSharePoint Authentication And Authorization SPTechCon San Francisco
SharePoint Authentication And Authorization SPTechCon San Francisco
 
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
 
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
October OpenNTF Webinar - What we like about Domino/Notes 12, recommended new...
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
PortalGuard Product Tour
PortalGuard Product TourPortalGuard Product Tour
PortalGuard Product Tour
 
Ch 6: Attacking Authentication
Ch 6: Attacking AuthenticationCh 6: Attacking Authentication
Ch 6: Attacking Authentication
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga
 
Redesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern WebRedesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern Web
 

More from Aravindan A

More from Aravindan A (14)

Application delivery
Application deliveryApplication delivery
Application delivery
 
Barracuda WAF deployment in AWS
Barracuda WAF deployment in AWSBarracuda WAF deployment in AWS
Barracuda WAF deployment in AWS
 
Barracuda WAF Deployment in Microsoft Azure
Barracuda WAF Deployment in Microsoft AzureBarracuda WAF Deployment in Microsoft Azure
Barracuda WAF Deployment in Microsoft Azure
 
Api sec demo_updated_v2
Api sec demo_updated_v2Api sec demo_updated_v2
Api sec demo_updated_v2
 
WAF CC Introduction
WAF CC IntroductionWAF CC Introduction
WAF CC Introduction
 
System administration
System administrationSystem administration
System administration
 
Devops
DevopsDevops
Devops
 
Advanced networking
Advanced networkingAdvanced networking
Advanced networking
 
Reporting
ReportingReporting
Reporting
 
Logging intro
Logging introLogging intro
Logging intro
 
Application delivery
Application deliveryApplication delivery
Application delivery
 
Advanced security in Barracuda WAF
Advanced security in Barracuda WAFAdvanced security in Barracuda WAF
Advanced security in Barracuda WAF
 
application security basics
application security basicsapplication security basics
application security basics
 
general protocol basics
general protocol basicsgeneral protocol basics
general protocol basics
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Access control

  • 2. Topics Covered: • Overview • ConfigurationSteps • DualAuthentication • Multi-domainLDAPAuthentication
  • 3. Access Control Overview • TheWAF can authenticateusersusingexternalauthenticationservices • Authenticationcanbeimplemented onlyforHTTPorHTTPSservice • Avalidated userhas accessdependingon hisauthorization privileges Tommy Username Password tommy ******** Submit WAF Authentication Authorization Service Web Server login_page.html Authentication Server • 5 – Access Control
  • 4. Access Control Configuration Steps 1. Configure anAuthenticationDatabase a. External b. Internal 2. AssociatetheAuthenticationDatabasetoyourService 3. Configure theAuthorization Policyforyour Service 2 3 1b1a • 5 – Access Control
  • 5. Dual Authentication • Authenticationmodule supportsdualauthentication • LDAP(Primary) • RSASecurID(Secondary) • Radiuswith OTP(Secondary) • 5 – Access Control Tommy LDAP RSA / Radius WAF Primary Authentication Secondary Authentication
  • 6. Multi-domain Authentication • Allows the configurationof multiple domains fora service • Loginformat: domainusername • Userswithoutdomain are authenticatedagainstthe default domain • 5 – Access Control WAF Service jupiterjohn plutotommy Tommy Jupiter Domain Pluto Domain John
  • 7. Access Control • ACCESSCONTROL> AuthenticationServices • Configure anLDAPserver • ACCESSCONTROL > Authentication • Bindtheconfigured LDAPserver withaservice • ACCESSCONTROL > Authorization • Createanauthorizationpolicy • 5 – Access Control Live Demo