Managing User Authentication

Authentication is the process of verifying a user’s identity to ensure that the individual really is who he or she claims to be. (Authentication differs from authorization: it verifies identity, while authorization specifies access rights.) This section describes how to reference external authentication servers.

To manage user authentication, you must first define one or more external authentication servers in AMC, and then set up realms that reference those authentication servers. These are the realms that users will log in to. For information on realms, see Using Realms and Communities. You can also configure a local authentication repository on the appliance for testing, as described in Configuring Local User Storage.

In SMA 12.5.0 the following authentication servers can use IPV6 addresses:

• AD Basic

• AD Advanced (KDC mapping only)

• RADIUS (username/password and token)

• Defender (username/password and token)

• LDAP (username/password and certificate)

• RADIUS accounting (primary/secondary and NAS-IP-Address)

 

• About Intermediate Certificates

• Configuring Authentication Servers

• Configuring Microsoft Active Directory Servers

• Configuring LDAP and LDAPS Authentication

• Configuring RADIUS Authentication

• Cisco Duo Security Multi-factor Authentication Server

• User-Mapped Tunnel Addressing

• Configuring One Identity Defender with User or Token-Based Credentials

• RSA SecurID Authentication Manager

• Configuring a PKI Authentication Server

• Additional Field for Custom Certificates

• Configuring a SAML-Based Authentication Server

• Configuring Local User Storage

• Testing AD,LDAP,RADIUS and One Defender Authentication Configurations

• Configuring Chained Authentication

• Enabling Group Affinity Checking in a Realm

• Using One-Time Passwords for Added Security

• Configuring Personal Device Authorization