1.0 Introduction, 1.1 Scope of Document, 1.2 Prerequisites – HID Juniper and ActivID AS SAML User Manual

FT2011 and Juniper Secure Access | SAML 2.0 Channel Integration Handbook

External Release | © 2012-2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved.

1.0 Introduction

The Juniper® Networks SA Series SSL VPN Appliances enable remote and mobile employees, customers, and
partners to gain secure access to corporate Virtual Private Network resources and applications. Providing secure
access via a VPN over existing Internet connections requires strong, two-factor authentication to protect
resources. The HID Global Identity Assurance™ solutions that work with Juniper Networks appliances incorporate
SSL VPN solutions with versatile, strong authentication that is flexible, scalable, and simple to manage. There are
two solutions:

• 4TRESS AAA Server for Remote Access—Addresses the security risks associated with a mobile
workforce remotely accessing systems and data.

• 4TRESS Authentication Server (AS)—Offers support for multiple authentication methods that are
useful for diverse audiences across a variety of service channels (including SAML), such as user
name and password, mobile and PC soft tokens, one-time passwords, and transparent Web soft
tokens.

1.1 Scope of Document

This document explains how to configure 4TRESS Authentication Server (FT2011) and Juniper Secure Access
(SA) using Security Assertion Markup Language (SAML). SAML 2.0 enables Web-based authentication and
authorization and can be used by Juniper SA to delegate user authentication to the 4TRESS Authentication
Server.

The integration of 4TRESS Authentication Server capabilities with Juniper SSL-protected Virtual Private Networks
enables multiple user authentication choices. Users can authenticate to the 4TRESS authentication portal using
whichever authentication mechanism is appropriate for the environment and company policies. Authentication
methods working out of the box include one-time passwords (OTP), Web soft token OTPs, and Public Key
Infrastructure (PKI) methods.

1.2 Prerequisites

• 4TRESS Authentication Server (FT2011 or greater) installed and configured.

• Juniper SA with SAML 2.0 capabilities installed and configured (at a minimum, Juniper Networks
Secure Access IVE Platform Version 7.1R5).