These are the new features in headlines grouped by topic. Later in the document we have included detailed information about each new feature.

Similar documents
Using VMware View Client for Mac

29 March 2017 SECURITY SERVER INSTALLATION GUIDE

BROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

KYOCERA Net Admin Installation Guide

MULTI FACTOR AUTHENTICATION USING THE NETOP PORTAL. 31 January 2017

Managing External Identity Sources

Version 9.2 User's Guide

NETOP GUEST FOR ANDROID GUIDE

Symantec pcanywhere 12.5 SP4 Release Notes

How to Configure Authentication and Access Control (AAA)

How to Configure Mobile VPN for Forcepoint NGFW TECHNICAL DOCUMENT

Installation Guide Command WorkStation 5.6 with Fiery Extended Applications 4.2

<Partner Name> <Partner Product> RSA SECURID ACCESS. Pulse Secure Connect Secure 8.3. Standard Agent Client Implementation Guide

08 March 2017 NETOP HOST FOR ANDROID USER S GUIDE

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

Fiery Command WorkStation 5.8 with Fiery Extended Applications 4.4

Realms and Identity Policies

Barracuda Networks NG Firewall 7.0.0

Webinar and Virtual Classrooms. Feature Comparison Chart

SNMP Manager User s Manual

Network Management Utility

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.1.0:

Remote Support Security Provider Integration: RADIUS Server

VMware Identity Manager Administration

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

ACCREDITED SOLUTION. EXPLORER Cisco Systems VPN Client

Installation Guide for Windows

WINDOWS HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your PC or Server

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

HP Instant Support Enterprise Edition (ISEE) Security overview

The Rockefeller University I NFORMATION T ECHNOLOGY E DUCATION & T RAINING. VPN Web Portal Usage Guide

NetSupport Manager v11

Installation Manual. Fleet Maintenance Software. Version 6.4

NETOP HOST ON A TERMINAL SERVER

Security Provider Integration RADIUS Server

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. PingIdentity PingFederate 8

Exam : JN Title : Juniper Networks Certified Internet Assoc(JNCIA-SSL) Exam. Version : Demo

STRS OHIO Telework F5 BIG-IP Edge Client for Mac Systems (Imac, Air, Macbook, Mini) User Guide

22 August 2018 NETOP REMOTE CONTROL PORTAL USER S GUIDE

Ensure that the server where you install the Primary Server software meets the following requirements: Item Requirements Additional Details

Table of Contents. Cisco Cisco VPN Client FAQ

Identity Policies. Identity Policy Overview. Establishing User Identity through Active Authentication

XenApp 5 Security Standards and Deployment Scenarios

Technology Requirements for Online Testing

Kerio Administration Console

How to Integrate RSA SecurID with the Barracuda Web Application Firewall

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

Privileged Identity App Launcher and Session Recording

Read Me File for Check Point VPN-1 SecureClient For Windows CE (build 0029) 3/30/03

Caradigm Single Sign-On and Context Management RSA Ready Implementation Guide for. Caradigm Single Sign-On and Context Management 6.2.

VII. Corente Services SSL Client

Evaluation Guide Host Access Management and Security Server 12.4 SP1 ( )

PrintSuperVision.net Features and Installation

Software Information. Scan to Folder. Setup Tool for SMB. Version 1.0

Remote Access via Cisco VPN Client

Client Type Windows Linux Mac ios Android

Stonesoft Management Center. Release Notes for Version 5.5.1

Filr 3.3 Desktop Application Guide for Linux. December 2017

Appserv Internal Desktop Access Mac OS Device with Safari Browser. Enter your Appserv username and password to sign in to the Website

Shavlik Protect. Upgrade Guide

TechTalk: Implementing Citrix Receiver from Windows to iphone. Stacy Scott Architect, Worldwide Technical Readiness

ipassconnect 3.65 Release Notes

WINDOWS GUEST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your computer or device

Stonesoft Management Center. Release Notes Revision B

MAC HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your Mac computer

Junos Pulse 2.1 Release Notes

Vendor: Citrix. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10.5 for App and Desktop Solutions. Version: Demo

Aqua Accelerated Protocol (AAP) User Manual

AT&T Global Network Client for Mac User s Guide Version 2.0.0

Microsoft Unified Access Gateway 2010

Getting Started with VMware View View 3.1

Receiver for BlackBerry 2.2

SpaceShuttle User guide v3

ForeScout Extended Module for MaaS360

VMware Horizon Client for Windows 10 UWP Installation and Setup Guide. Modified on 21 SEP 2017 VMware Horizon Client for Windows 10 UWP 4.

IBM NetBAY Virtual Console Software. Installer and User Guide

<Partner Name> <Partner Product> RSA SECURID ACCESS Authenticator Implementation Guide. Check Point SmartEndpoint Security

Stonesoft Management Center. Release Notes Revision A

VMware Horizon FLEX Client User Guide

New HTML Client book icon

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

The following topics provide more information on user identity. Establishing User Identity Through Passive Authentication

QuickStart Guide for Managing Computers. Version

Dell Repository Manager Business Client Version 2.2 User s Guide

StoneGate Management Center Release Notes for Version 4.2.1

Click Studios. Passwordstate. Remote Session Launcher. Installation Instructions

Stonesoft Management Center. Release Notes Revision A

Exam4Tests. Latest exam questions & answers help you to pass IT exam test easily

TM-800/1000 and TS-700/900 Administrator Manual

ForeScout Extended Module for VMware AirWatch MDM

Barracuda Networks SSL VPN

Workstation Configuration Guide

Stonesoft Management Center. Release Notes for Version 5.6.1

Evaluation Guide Host Access Management and Security Server 12.4

050-v71x-CSESECURID RSA. RSA SecurID Certified Systems Engineer 7.1x

3.1 Getting Software and Certificates

VMware Horizon FLEX Client User Guide. 26 SEP 2017 Horizon FLEX 1.12

Transcription:

5HOHDVHQRWHV²YHUVLRQ Danware is proud to introduce NetOp Remote Control 7.65 as the shipping version. It s a free upgrade for our existing customers using version 7.6x and a commercial upgrade for users running version 7.50 or earlier. :KDW VQHZLQYHUVLRQ" These are the new features in headlines grouped by topic. Later in the document we have included detailed information about each new feature. Security 956$6HFXU,'DXWKHQWLFDWLRQYLD6HFXULW\6HUYHU let the Security Server verify the Guest identity against an RSA ACE/Server using username and passcode 956$6HFXU,'DXWKRUL]DWLRQYLD6HFXULW\6HUYHU the Security Server controls allowed actions 956$6HFXU,'ZLWKWULSOHIDFWRUDXWKHQWLFDWLRQYLD6HFXULW\6HUYHU let the NetOp Security Server combine RSA SecurID authentication with a shadow Guest ID NetOp password 9'LUHFWRU\6HUYLFHDXWKHQWLFDWLRQYLD6HFXULW\6HUYHU let the NetOp Security Server verify the Guest identity against a Directory Server via LDAP 9'LUHFWRU\6HUYLFHDXWKRUL]DWLRQYLD6HFXULW\6HUYHU the NetOp Security Server controls allowed actions against a Directory Service via LDAP 96HFXULW\6HUYHUVXSSRUWIRU/LQX[0DF26;6RODULVDQG:LQGRZV&(+RVWV the NetOp Security Server can now authenticate and authorize Windows Guests access to non-windows Hosts 9([WHQGHGORJJLQJ the Windows Host can now create customized log events using combinations of IP address, logged on user and authenticated Guest user name as Guest ID or Host ID 9:RUNVWDWLRQJURXSVLQ6HFXULW\6HUYHUGDWDEDVH Computers in Windows NT 4.0 Domains can now become synthetic members of Windows groups to allow role assignments with groups Platform support Usability 96X6(/LQX[ enabled Guest and Host 9)HGRUD/LQX[ enabled Guest and Host 9:LQGRZV&([ enabled Guest and Host 90XOWLSOH*XHVWVHVVLRQV allows multiple Guests to connect to the same Windows Host 9*XHVWRQUHPRYDEOHPHGLD let the Guest program be launched from e.g. a USB flash key 93XEOLVKQHZXSGDWHV the public Web Update files can be copied to a local web server Performance 9(QKDQFHG7&3,3VSHHG discover with UDP and run the session on the faster TCP protocol Other features 9:LQGRZV&(ILOHWUDQVIHU the Host now supports file transfer sessions 9/LQX[VHULDOFRPPXQLFDWLRQSURILOH the Linux Host now supports modem connections 9,3EURDGFDVWOLVWV support for Linux, Solaris, Mac OS X and Windows CE Hosts 9,JQRUHSRUWLQIRUPDWLRQIURP1DPH6HUYHU the Windows modules use a fixed send port instead 96FULSW,3$GGUHVV5DQJH Windows Guest script can repeat commands for an IP address range Copenhagen, February 2004 Page 1 of 7

96FULSWORJLQFUHGHQWLDOV Windows Guest script can contain login credentials 96FULSWVHQGPHVVDJH Windows Guest script now supports Send Message 9(QKDQFHGVHWXS New NetOp Install and Web Update engine 90DF26;GLVSOD\VXSSRUWHQKDQFHPHQW now support for most resolutions and color depths Each new feature is described below in conceptual detail. The 32 bit Windows modules maintain the current language support available in version 7.6: English, French, German, Italian, Japanese, Portuguese and Spanish. The other modules below are available in an English version. 6HFXULW\ RSA SecurID authentication via Security Server 9This feature allows the NetOp Windows Security Server to authenticate the Guest user against an RSA ACE/Server. The authentication depends on the user name plus password and current token (together called PASSCODE) supplied by the Guest user. The implementation requires the presence of an installed and functional RSA ACE/Agent version 5.x on the NetOp Security Server. All Windows 32 bit modules support the RSA SecurID authentication via Security Server. RSA SecurID authorization via Security Server 9To control the Guest user s allowed session actions the Windows Security Server checks group membership against special groups for RSA SecurID locally maintained in the Security Server database for the authenticated Guest user. The special RSA SecurID groups are independent of any groups defined on the RSA ACE/Server. All Windows 32 bit modules support the RSA SecurID authorization via Security Server. RSA SecurID with triple-factor authentication via Security Server 9As an extension to the RSA SecurID authentication, the Security Server allows definition of a special shadow Guest ID account to further increase the security level for use in environments requiring very high security. By enabling the shadow Guest ID an additional check is performed against a corresponding NetOp Guest ID password. Shadow Guest ID password policies are maintained and enforced separately from the RSA ACE/Server policies. Directory Service authentication via Security Server 9This feature allows the NetOp Windows Security Server to authenticate the Guest user against a Directory Service via the LDAP protocol. The authentication depends on the user name, password and directory service name supplied by the Guest user. To locate the distinguished name (DN) for the common name (CN) entered by the Guest user as a user name, the Security Server contains a pre-configured Directory Service account for each defined Directory Service. This account can bind to the requested Directory Service and perform a search for the Guest user s CN and return the corresponding DN. The Security Server validates the Guest user login data by binding to the Directory Service with the Guest user s DN and password. If attempted bind was valid, it authenticates the Guest user s identity. To secure the LDAP communication, the Security Server can use SSL to encrypt the transmission between the Security Server and the Directory Service. It requires that you install a copy of the Directory Service s certificate(s) in the Security Server s Windows certificate store. Copenhagen, February 2004 Page 2 of 7

The Security Server configuration is open by design to support all Directory Service vendors. The authentication process uses the following fields: 8VHUVHDUFKFODVV, a filter to limit the number of objects searched for Guest user name. 8VHUDWWULEXWH, an attribute where the Guest user name should be found. All Windows 32 bit modules plus Linux, Mac OS X, Solaris and Windows CE Hosts support the Directory Service authentication via Security Server. Please notice that Guest modules for Linux, Mac OS X, Solaris, ActiveX and Windows CE do not support this feature. Directory Service authorization via Security Server 9To control the Guest user s allowed session actions the Windows Security Server can check group membership against a Directory Service via LDAP for the authenticated Guest user. After the authentication process, the Security Server binds with a pre-defined account to the Directory Service by which the Guest was validated and gets the list of groups of which the Guest user has membership. The group names and the validated Guest user name are matched with all Security role assignments using the same Directory Service to get the accumulated allowed actions for the session. The Security Service user can select a Directory Service group or user name from a tree view browse window and insert them under the Security role assignment. To secure the LDAP communication, the Security Server can use SSL to encrypt the transmission between the Security Server and the Directory Server. It requires that you install a copy of the Directory Server s certificate in the Security Server s Windows certificate store. The Security Server configuration is open by design to support all Directory Service vendors. The authorization process uses the following fields: 8VHUVHDUFKFODVV, a filter to limit the number of objects searched for Guest user name. 8VHUDWWULEXWH, an attribute where the Guest user name should be found. 8VHUEURZVHILOWHU, a filter to limit the number of objects displayed when selecting user objects. *URXSVHDUFKFODVV, a filter to limit the number of objects searched for the Group name. *URXSDWWULEXWH, an attribute where the Group name should be found. *URXSEURZVHILOWHU, a filter to limit the number of objects displayed when selecting group objects. 28VHDUFKILOWHU, a filter to limit the container types displayed when selecting users and groups. When running LDAP against MS Active Directory, the NetOp Security Server tries to locate the system groups Domain Users and Domain Computers. In case it fails, their DN can be specified in NETOP.INI: [NSS] LDAP_EXTRA_USER_GROUP=<DN for the Domain Users group> LDAP_EXTRA_COMPUTER_GROUP=<DN for the Domain Computers group> All Windows 32 bit modules plus Linux, Mac OS X, Solaris and Windows CE Hosts support the Directory Service authentication via Security Server. Please notice that Guest modules on Linux, Mac OS X, Solaris, ActiveX and Windows CE do not support this feature. Security Server support for Linux, Mac OS X, Solaris and Windows CE Hosts 9The NetOp Security Server can now authenticate and authorize Windows Guests access to non- Windows Hosts. Native NetOp and Directory Services via LDAP authentication are supported for Copenhagen, February 2004 Page 3 of 7

authentication. For authorization the following types can be used in role assignments: Guest types: *XHVW,' *XHVW,'*URXS 'LUHFWRU\6HUYLFHV8VHU 'LUHFWRU\6HUYLFHV*URXS Host types: Extended logging +RVW,' +RVW,'*URXS 9The Windows Host can write customized event entries to the supported logging services. The entries can for connection and session log events contain the Guest name created by using any combination of:,30$&dgguhvv $XWKHQWLFDWHGXVHUQDPH *XHVW,' *XHVW&RPSXWHUQDPH /RJJHGRQ:LQGRZVXVHU An example could be: JOHN@192.168.24.45-JOHNSPC The Windows Host can for all log events containing the Host name create any combination of:,30$&dgguhvv +RVW,' +RVW&RPSXWHUQDPH /RJJHGRQ:LQGRZVXVHU Workstation Groups in Security Server Database 9This feature allows the Security Server to work with workstation groups in addition to the individual Workstations for NetOp Security Server environments where the Preferred Host type is set to Windows user, if one is logged on, otherwise workstation or Always workstation. If the workstations are members of a Windows NT 4.0 Domain, where only users can be grouped, the existing Security Server database requires one role assignment per workstation to grant access in case no Windows user is logged on to the Host or Always workstation is selected. 3ODWIRUPVXSSRUW 6X6(/LQX[ By adding workstation groups to the Security Server database, role assignments can now include Hosts defined by their membership of a real Windows group acting as a synthetic workstation group. 9*XHVWDQG+RVW As an expansion of the existing platform support for: Copenhagen, February 2004 Page 4 of 7

- SuSE 8.0, 8.1 and 8.2 the programs have also been compiled to the following platform: - SuSE 9.0 for these processors: - Intel 80486 processor or higher, or 100% compatible. )HGRUD/LQX[ 9*XHVWDQG+RVW As an expansion of the existing platform support for: - Red Hat 7.x, 8.0 and 9.0 the programs have also been compiled to the following platform: - Fedora Core 1 for these processors: - Intel Pentium processor or higher, or 100% compatible. 0LFURVRIW:LQGRZV&([ 8VDELOLW\ 9*XHVWDQG+RVW As an expansion of the existing platform support for: - Windows CE 3.00 Handheld PC 2000, Pocket PC and Pocket PC 2002 - Windows CE 2.11 Handheld the programs have also been compiled to the following platforms: - Windows CE 4.0, 4.1, 4.2.net - Windows CE 4.2 Pocket PC 2003, Mobile 2003 software for Pocket PCs for these processors: - Intel X86, Intel StrongARM, Intel PXA 250, MIPS and SH3. Multiple Guests sessions 9This feature allows the Windows Host to accept multiple Windows Guest sessions at the same time. The first Windows Guest will have keyboard and mouse control, if the security role allows it and the preceding Windows Guests will have view only. Each Windows Guest must be authenticated and can generate NetOp log events on the Host. The Host accepts multiple File Transfer and Chat sessions. Copenhagen, February 2004 Page 5 of 7

Guest on removable media 9This feature allows the Windows Guest to be started from a removable media like an USB flash key. From the Guest interface a full working Guest module can be copied to a destination drive and folder. Using a Guest from a removable media does not require any preceding installation and it even allows the Guest user to include personal settings like phonebook items, etc. Publish new updates 3HUIRUPDQFH 9The Guest interface offers a function to copy the public Web Update files to a local web server. This allows your Guest and Host modules to perform Web Update from a local web server instead of using the public web server. By using this feature the Guest user has the opportunity to evaluate the updates before publishing them to the internal NetOp modules. The Web Update URL used by the internal NetOp modules can be changed under Tools / Program options / Web Update / Update Server. Enhanced TCP/IP speed 2WKHUIHDWXUHV 9The communication profile TCP/IP that uses UDP as the default protocol for discover and session can now establish session on TCP, if the other module is version 7.65 or newer. Using TCP instead of UDP gives up to 40 % speed enhancement for the default communication profile TCP/IP. The speed enhancement was implemented in the native TCP protocol in version 7.6. Windows CE file transfer 9Use a Windows Guest file transfer session to work with and transfer files to and from a Windows CE Host. Linux serial communication profile 9This feature allows the Linux Host to communicate via a serial communication device with the Windows Guest. A Serial Communication profile to be used with tty devices has been added and modem definitions can be created and edited manually or imported from a modem database. The Linux Host does not support call back. IP broadcast lists 9Linux, Mac OS X, Solaris and Windows CE Hosts using the UDP communication device can now search for other NetOp modules like Security Servers by using Broadcast Lists based on one or more Address lists containing IP and DNS addresses. The lists are maintained in the XML configuration file. Ignore port information from Name Server 9For NetOp modules, waiting for a connection behind firewalls with NAT (network address translation) and a PAT (port address translation) entry in the firewall forwarding the UDP packet to the module, using a NetOp Name Server fails, if the used NetOp receive port is changed by the firewall to a Copenhagen, February 2004 Page 6 of 7

random port and then registered at the Name Server. This features solves the issue for a Windows Guest or Host that uses the NetOp Name Server to resolve a NetOp name into <IP address: port>, by allowing the delivered port to be omitted and instead use a predefined port number matching the PAT entry. Script IP Address Range 9This feature allows the Windows Guest to create script files that can connect to an IP address range of Hosts with one active connection at a time. The authentication details can either be entered one time at script start by enabling Cache login passwords under Tools / Program options / Login / Authentication, by entering the details in the Login tab in Quick connect tab / Connection properties button or by filling out the login credentials in the same dialog box. It s recommended to use the same Guest access security for all potential Hosts within the IP address range. Otherwise the script will fail at login and prompt the Guest user for credentials every time it connects to a new Host. Script Login Credentials 9This feature allows the Windows Guest to create script files containing authentication details to enable automatic authentication against the Host(s). The fields can hold the following information: /RJLQQDPH Guest ID, Windows user name or Directory Service user name /RJLQSDVVZRUG The matching password (encrypted in the script file) /RJLQGRPDLQ Windows domain or Directory Service 8VHFXUUHQWORJLQFUHGHQWLDOVIRU:LQGRZV6HFXULW\DXWKHQWLFDWLRQ This will try to authenticate as the user logged on to the Guest computer As an alternative the login credentials can either be entered one time at script start by enabling Cache login passwords under Tools / Program options / Login / Authentication or by entering the details in the Login tab in Quick connect tab / Connection properties button. It s recommended to use the same Guest access security for all potential Hosts within the IP address range. Otherwise the script will fail at login and prompt the Guest user for credentials every time it connects to a new Host. Script Send Message 9This feature allows the Windows Guest to create script files that can send and show a message on the Host. The script command consists of two steps; copy the RTF based message file to the Host and display the message on the Host desktop. Enhanced Setup 9The setup engine in NetOp has been given a thorough overhaul, offering more consistency, better integration with Web Update, simplified download procedures, reduced download size for Web updates, ability to slipstream Web updates during setup, and reduced bandwidth consumption when performing administrative deployments. Mac OS X display support enhancement 9Better resolution and color depth support as addition to the support for 800x600, 1024x768 and 1280x1024 the Mac OS X Host now supports the most common resolutions. Copenhagen, February 2004 Page 7 of 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback