Scribd Logo
Upload

Welcome to Scribd!

  • Configure Single Sign-On Using STAS On XG Firewall: Start

    Uploaded by

    Jose G. Duran
    47 views65 pages
    This document provides instructions for configuring single sign-on using Sophos Transparent Authentication Suite (STAS) on an XG Firewall. The steps include enabling STAS on the firewall, adding a collector IP, downloading and installing the STAS software, configuring the collector, agent, and exclusion list, and then testing authentication by logging in as a user.

    Original Description:

    Original Title

    Stas

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for configuring single sign-on using Sophos Transparent Authentication Suite (STAS) on an XG Firewall. The steps include enabling STAS on the firewall, adding a collector IP, downloading and installing the STAS software, configuring the collector, agent, and exclusion list, and then testing authentication by logging in as a user.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    47 views65 pages

    Configure Single Sign-On Using STAS On XG Firewall: Start

    Uploaded by

    Jose G. Duran
    This document provides instructions for configuring single sign-on using Sophos Transparent Authentication Suite (STAS) on an XG Firewall. The steps include enabling STAS on the firewall, adding a collector IP, downloading and installing the STAS software, configuring the collector, agent, and exclusion list, and then testing authentication by logging in as a user.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 65

    Configure Single Sign-On Using STAS on XG Firewall

    In this simulation you will configure single sign-on using the Sophos Transparent
    Authentication Suite (STAS) on XG Firewall. You will then test your configuration.

    Review the information at each stage and follow the instructions to advance to the
    next step.

    Start
    Login to London Gateway 1 as admin
    Simulation
    Select CONFIGURE > Authentication in the left-hand menu
    Simulation
    Select the STAS tab
    Simulation
    Click the toggle to Enable Sophos Transparent Authentication Suite
    Simulation
    Click Activate STAS
    Simulation
    Click Add new collector
    Collectors are the severs that will send the authentication data to XG Firewall
    Simulation
    In the ‘Collector IP’ field enter 172.16.16.10
    Click Save
    Simulation
    Click on the ellipses tab
    Simulation
    Select Client downloads
    Simulation
    In the ‘Single sign-on’ section click Sophos Transparent Authentication Suite (STAS)
    Simulation
    Click Save File
    Simulation
    Click Continue to switch to London DC
    Simulation
    Open File Explorer from the taskbar
    Simulation
    Select Downloads on the left
    Simulation
    Open STAS
    Simulation
    Click Run
    Simulation
    Click Next
    Simulation
    Click Next
    Simulation
    Click Next
    Simulation
    Click Install
    Simulation
    In this simulation you will install the whole suite, the collector and the agent
    Click Next
    Simulation
    In the ‘User Name’ field enter SOPHOS\STAS
    Enter and confirm the password Sophos1985 then click Next
    Simulation
    Click Finish
    Simulation
    Open Sophos Transparent Authentication Suite from the Desktop
    Simulation
    In the ‘Status’ section click Start
    Simulation
    Select the Exclusion List tab
    Simulation
    In the ‘Login User Exclusion List’ field click Add
    Simulation
    Enter STAS then click OK
    Simulation
    Select the STAS Collector tab
    Simulation
    In the ‘Sophos Appliances’ field edit the entry and change it to 172.16.16.16
    Simulation
    In the ‘Sophos Appliances’ field edit the entry and change it to 172.16.16.16
    Simulation
    In the ‘Sophos Appliances’ field edit the entry and change it to 172.16.16.16
    Simulation
    Select the STA Agent tab
    Simulation
    In the ‘Specify the networks to be monitored’ field edit the entry and change it to 172.16.16.0/24
    Simulation
    In the ‘Specify the networks to be monitored’ field edit the entry and change it to 172.16.16.0/24
    Simulation
    In the ‘Specify the networks to be monitored’ field edit the entry and change it to 172.16.16.0/24
    Simulation
    In the ‘Specify the networks to be monitored’ field add a new entry for 172.17.17.0/24
    Simulation
    In the ‘Specify the networks to be monitored’ field add a new entry for 172.17.17.0/24
    Simulation
    Select the General tab
    Simulation
    In the ‘NetBIOS Name’ field click …
    Simulation
    Enter SOPHOS then click OK
    Simulation
    In the ‘Fully Qualified Domain name’ field click …
    Simulation
    Enter SOPHOS.LOCAL then click OK
    Simulation
    Click OK
    Simulation
    Click Yes
    Simulation
    Open the Start menu
    Simulation
    Open Windows Administrative Tools
    Simulation
    Open Local Security Policy
    Simulation
    Select Security Settings > Local Policies > Audit Policy in the left-hand pane
    Simulation
    Select Security Settings > Local Policies > Audit Policy in the left-hand pane
    Simulation
    Open Audit account logon events in the right-hand pane
    Simulation
    Select Success
    This logs account login events in the Windows Event Log
    Simulation
    Click OK
    Simulation
    Click Continue to switch back to the WebAdmin of London Gateway 1
    Simulation
    Select CONFIGURE > System services in the left-hand menu
    Simulation
    Select Services
    Simulation
    Click Restart for the ‘Authentication’ service
    This will clear the cached authentication status on the XG Firewall
    Simulation
    Click OK
    Simulation
    Click Continue to login to London Server 2 as John Smith
    Simulation
    Please wait …
    Simulation
    Please wait …
    Simulation
    Select MONITOR & ANALYZE > Current activities in the left-hand menu
    Simulation
    Here you can see that John Smith (jsmith@sophos.local) has been authenticated by STAS
    Simulation
    You have configured single sign-on using STAS on XG Firewall
    This simulation is complete, you can close this window
    Simulation

    You might also like