Accops HySecure 5.4 Knowledge Center

Release
Notes
Release
Notes
- 5.4 SP 6
  5.4 SP 6
- 5.4 SP 5
  5.4 SP 5
- 5.4 SP 2
  5.4 SP 2
- 5.4 (Version 5.4.2.7 GU0005-56)
  5.4 (Version 5.4.2.7 GU0005-56)
- 5.4 (Version 5.4.2.7 GU0005-40)
  5.4 (Version 5.4.2.7 GU0005-40)
- 5.4 (Version 5.4.2.7 GU0005)
  5.4 (Version 5.4.2.7 GU0005)
- 5.4 (Version 5.4.2.7)
  5.4 (Version 5.4.2.7)
- Terminologies
- Acronyms
Getting
Started
Getting
Started
- Overview
  Overview
  - About HySecure
  - HySecure Components
- Workflow
- Planning
  Planning
  - License Planning
  - Deployment Planning
  - Sizing
  - Network Planning
  - Port
  - System Requirements
    System Requirements
    
    Gateway
    
    Clients
  - Security
  - Authentication Integration
- Prepare HySecure For SO Access
  Prepare HySecure For SO Access
  - Getting HySecure
  - Installing HySecure Gateway
  - Setting Up HySecure
    Setting Up HySecure
    
    Network Set Up
    Network Set Up
    
    On-Premise
    
    Cloud
    Cloud
    
    AWS
    
    Azure
    
    Completing the System Configuration
    
    Configuring HySecure For SO Access
    Configuring HySecure For SO Access
    
    Register First Security Officer
    
    Enrolling First Security Officer
    
    Logging in as an SO
- Setup Cluster
  Setup Cluster
  - First Node
  - Subsequent Nodes(Optional)
- Configuring HySecure For User Access
  Configuring HySecure For User Access
  - Directory Server Integration
  - Publish Applications
    Publish Applications
    
    Add Applications
    
    Create Application Group
    
    Create Access Control
  - Changing to 'Run' State
- Enabling Access Modes
  Enabling Access Modes
  - Access Modes
  - Getting Hysecure Clients
Installation
Installation
- Supported Platforms
  Supported Platforms
  - Gateway
  - Clients
- On-Premise
  On-Premise
  - Custom Appliance
- Virtual Machine
  Virtual Machine
  - Installation on VMWare
  - Installation on Hyper-V
- Cloud Installation
  Cloud Installation
  - Installation on Azure
  - AWS
    AWS
    
    Installation on AWS
    
    Multizone Deployment
- Backup Cluster setup
- Upgrading HySecure
  Upgrading HySecure
  - Upgrading Gateway
    Upgrading Gateway
    
    Standalone setup (Deprecated)
    
    Cluster setup
    Cluster setup
    
    About Upgrading HySecure Cluster
    
    Upgrade Standby Cluster Manager Node
    
    Upgrade Dedicated Gateway Node
    
    Upgrade Old (last) Active Cluster Manager Node
    
    Restart the cluster
Core Concepts &
Feature Overview
Core Concepts &
Feature Overview
- Overview
  Overview
- Licensing
  Licensing
- Best Practices
- Deployment Modes
  Deployment Modes
  - Overview
  - N-node Cluster
  - Cluster Setup
    Cluster Setup
    
    Workflow
    
    Setting Up Nodes
    
    Licensing
    
    Setting Up Cluster On Cloud
    
    Monitoring Cluster Status
- Policies
  Policies
  - Gateway Level
    Gateway Level
    
    Password Policy
  - HySecure Domain Based
    HySecure Domain Based
    
    Host Scan
    
    Device Profile
  - User / User Group Based
    User / User Group Based
    
    Application Access
    
    Device ID
    
    Endpoint Protection
    
    Notification
    
    Account Lockout
    
    Endpoint Security
    
    HyID
    (Two Factor Authentication)
- Integration
  Integration
  - Authentication Servers
    Authentication Servers
    
    Active Directory / LDAP
    
    RADIUS
    
    SAML
    
    Biometric
  - HyWorks Integration
    HyWorks Integration
    
    Overview
    
    Publish HyWorks Application
  - SMTP Server
  - SMS Gateway
  - SSO With SAML Apps
    SSO With SAML Apps
    
    Overview
    
    G-Suite Apps
    
    Salesforce
    
    Office 365 Apps
  - SysLog / Reporting (ARS) Server
  - 3rd Party SSL Certificate
Management
Console
Management
Console
- Monitor
  Monitor
- User
  User
- Apps
  Apps
  - Apps
  - Apps Groups
- Devices
  Devices
  - Devices
  - Authentication Devices
- Policies
  Policies
  - Access Control List
  - HyID Policy
  - Endpoint Security Policies
    Endpoint Security Policies
    
    Host Scan
    
    Device Profiles
  - Password
  - Client Profiles
  - IP Address Pool
  - Time Access Filters
  - Hardware Tokens
  - App Whitelisting Rules
- Sites
  Sites
  - Site
  - Multi-site
    Multi-site
    
    Multi-site Configuration
    
    Multi-site Synchronization
    
    Site Preference
    
    Sync Schedule
  - Site Group
- Reports
  Reports
  - Logs
    Logs
    
    Activity
    
    User
    
    Admin
    
    HyID
    
    Endpoint Scan
  - Reports
    Reports
    
    General Report
    
    User Report
    
    Domain Report
    
    Application-based Report
- Diagnose
  Diagnose
- Settings
  Settings
  - Authentication
    Authentication
    
    HySecure Domain
    
    Authentication Domain
    
    Authentication Servers
    Authentication Servers
    
    AD/LDAP Server
    
    RADIUS Server
    
    SAML Identity Provider
    SAML Identity Provider
    
    Overview
    
    Configuration
    
    Biometric
    Biometric
    
    Overview
    
    Terminologies
    
    Enrollment Portal
    
    Configuration
  - Services Configuration
    Services Configuration
    
    Turbo Tunnel
    
    Gateway State
    
    HyLite Configuration
    
    Remote Meeting
    
    Database
    
    SSH Server
    
    Reverse Proxy
    
    SAML Identity Provider (IdP)
    
    Authentication Site
    
    LIS Configuration
    
    External Authentiation
  - Global
    Global
    
    Server
    
    Client
  - General Settings
    General Settings
    
    Backup And Restore
    
    Auto Backup
    
    License Management
    
    Upgrade Firmware
    
    SSL Certificate
  - Cluster
    Cluster
    
    About High Availability
    
    Installation Type
    
    Change Cluster Status
    
    Configure
  - Messaging
    Messaging
    
    SMTP
    
    SMS Gateway
  - Network Settings
    Network Settings
    
    Network
    
    Routes
  - Logs
    Logs
    
    Log Archival
    
    Syslog
    
    Alert Manager
  - Theme
    Theme
    
    Customise Theme
Knowledge Base
Knowledge Base

Authentication Integration

HySecure can use existing Microsoft Active Directory, LDAP directory services, Novell e-Directory or RADIUS server for user authentication and authorization.

Following are the details required to configure user authentication:

Hostname or IP address of the directory server
Search path (domain root or an OU) under which all the target user account exists
A service account with credentials (non-interactive login user) with rights, in FQDN format
Shared secret in case of RADIUS server
Ports to be opened from HySecure to Authentication Server

#	Traffic Direction To Be Allowed	Port Number	HySecure Deployed in
1.	Outbound Traffic from HySecure Node(s) to Authentication Servers	- 389 for User Authentication - 636 for User Password Change or Secure Authentication - UDP 1812 for integrating a RADIUS Server	DMZ