beautypg.com

Using the secure access wizard, Overview, 4 using the secure access wizard – HP Identity Driven Manager Software Series User Manual

Page 179

background image

4-1

4

Using the Secure Access Wizard

Overview

The Secure Access Wizard (SAW) feature in IDM is designed to simplify the initial
setup of IDM by reducing the complexity of securing the network edge. SAW
facilitates the process of securing the network edge by targeting a group of devices
and using a highly intuitive GUI to configure network access rather than configuring
each device via CLI. Some major features of SAW include:

Setting the RADIUS server IP address and shared secret for a group of
devices

Setting the authentication methods for a group of devices

Configuring the authentication methods

Once you have decided to deploy IDM, you now need to secure the network edge by
enforcing 802.1X, Web-Auth, MAC-Auth, or any combination of the three (if
supported). There are several steps involved when a securing an edge device,
including:

Configuring all supplicant ports with 802.1X, Web-Auth or MAC-Auth
(preferably 802.1X for a more secure environment)

If 802.1X is chosen, selecting the authentication protocol, EAP or CHAP

Enabling session accounting so that IDM correctly detects user login and
log out

Optionally setting the interim update period

Optionally setting the re-authentication time-out

Adding the RADIUS server and the shared secret (key)

Activating the port authenticator

These steps need to be executed on all edge devices and will vary between wired and
wireless devices.