SecureFactors. Copyright SecureFactors Corp ver 1.0a

Similar documents
AKAMAI WHITE PAPER. Enterprise Application Access Architecture Overview

Telemote - A Next Generation Secure Systems Administration Platform

ElasterStack 3.2 User Administration Guide - Advanced Zone

About This Document 3. Overview 3. System Requirements 3. Installation & Setup 4

Installation Guide Revision B. McAfee Cloud Workload Security 5.0.0

HySecure Quick Start Guide. HySecure 5.0

Setup Guide: TeraVM on Microsoft Azure. TeraVM Version 11.4

Using the Terminal Services Gateway Lesson 10

Securing Amazon Web Services (AWS) EC2 Instances with Dome9. A Whitepaper by Dome9 Security, Ltd.

UNT System Campus VPN Guide

Ansible Tower Quick Setup Guide

Installation of Informatica Services on Amazon EC2

NETOP HOST ON A TERMINAL SERVER

SelectSurvey.NET AWS (Amazon Web Service) Integration

Puppet on the AWS Cloud

SUREedge Migrator Installation Guide for Amazon AWS

KEMP360 Central. 1 Introduction. KEMP360 Central. Feature Description

Power Development Platform Connecting to your PDP system user guide

MICROSTRATEGY PLATFORM ON AWS MARKETPLACE. Quick start guide to use MicroStrategy on Amazon Web Services - Marketplace

VMware End User Computing Global Demo Environment Walkthrough Guide

Immersion Day. Getting Started with Windows Server on Amazon EC2. June Rev

Bitnami Apache Solr for Huawei Enterprise Cloud

Midland University Remote VPN Instructions

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Immersion Day. Getting Started with Windows Server on. Amazon EC2. Rev

CPM. Quick Start Guide V2.4.0

Delivers cost savings, high definition display, and supercharged sharing

Sangoma VM SBC AMI at AWS (Amazon Web Services)

WDC RDS Connection for Android Users

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

Pexip Infinity and Amazon Web Services Deployment Guide

Reset the Admin Password with the ExtraHop Rescue CD

Device LinkUP + VIN. Service + Desktop LP Guide RDP

Bomgar Remote Support Representative Guide 16.1

Getting Started with Amazon Web Services

EdgeConnect for Amazon Web Services (AWS)

Dell EMC OpenManage Mobile. Version 3.0 User s Guide (Android)

Securely manage data center and network equipment from anywhere in the world.

Integrating IBM Security Privileged Identity Manager with ObserveIT Enterprise Session Recording

Load Balancing FreePBX / Asterisk in AWS

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

Check Point vsec for Microsoft Azure

Installing Oxwall completely in Amazon Cloud

F5 BIG-IQ Centralized Management and Amazon Web Services: Setup. Version 5.4

Read the following information carefully, before you begin an upgrade.

PCI DSS Compliance. White Paper Parallels Remote Application Server

AZURE SELF-HOSTED INSTALLATION GUIDE

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

Storgrid web client manual

Connect to Wireless, certificate install and setup Citrix Receiver

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

Connecting to Cisco Insight Reporter v3.1

USING PRODUCT PROVISIONING TO DELIVER FILES TO WINDOWS 10: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Citrix Cloud Resource Locations

10ZiG Technology. Thin Desktop Quick Start Guide

Hosting DesktopNow in Amazon Web Services. Ivanti DesktopNow powered by AppSense

The SSID to use and the credentials required to be used are listed below for each type of account: SSID TO CREDENTIALS TO BE USED:

EasyMorph Server Administrator Guide

Executing PowerShell Agent Commands

Amazon Elastic Compute Cloud

Bitnami MEAN for Huawei Enterprise Cloud

Cisco s AnyConnect VPN Client (version 2.4)

FortiMail AWS Deployment Guide

Immersion Day. Getting Started with Linux on Amazon EC2

HPE ilo mobile app for ios

Dell EMC OpenManage Mobile. Version User s Guide (Android)

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Docker Container Access Reference Design

Bitnami JRuby for Huawei Enterprise Cloud

70-697: Configuring Windows Devices Course 7 Managing Apps

Cloud Print Migration Step-by-Step Deployment Guide

AWS Remote Access VPC Bundle

MotionPro Android Release Note

First-Time Login Procedure on XWin32

OVERVIEW... 3 WHAT'S NEW... 3 COMPATIBILITY WITH MDM PRODUCTS... 5 CONFIGURE AN MDM MANAGED VPN PROFILE FOR CITRIX SSO... 5

UNIVERSITY OF CYPRUS Computer Science Department

Agent and Agent Browser. Updated Friday, January 26, Autotask Corporation

A Step by Step Guide to Installing VPN on Raspberry Pi. Whitepaper

NetExtender for SSL-VPN

Information Security Policy

Executing PowerShell Agent Commands

Application Notes for Virsae Service Management for Unified Communications with Avaya Aura System Manager - Issue 1.0

Amazon Web Services EC2 Helix Server

Citrix SSO for ios. Page 1 18

Hypersocket SSO. Lee Painter HYPERSOCKET LIMITED Unit 1, Vision Business Centre, Firth Way, Nottingham, NG6 8GF, United Kingdom. Getting Started Guide

SJ Provider Directory Contents

Privileged Identity App Launcher and Session Recording

Computer Password Remote

Android Rep Console

Azure Marketplace Getting Started Tutorial. Community Edition

Hands-On Lab. Windows Azure Virtual Machine Roles. Lab version: Last updated: 12/14/2010. Page 1

Deploy the Firepower Management Center Virtual On the AWS Cloud

JUNIPER NETWORKS PRODUCT BULLETIN

Deploying Tableau at Enterprise Scale in the Cloud

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Implementing Microsoft Azure Infrastructure Solutions

Professional Edition User Guide

DenyAll WAF User guide for AWS

Question: 1 Which three methods can you use to manage Oracle Cloud Infrastructure services? (Choose three.)

The Rockefeller University I NFORMATION T ECHNOLOGY E DUCATION & T RAINING. VPN Web Portal Usage Guide

Transcription:

SecureFactors Copyright SecureFactors Corp. 2018 ver 1.0a

Table of Contents Introduction... How to Use... Run SF Connector to access systems... SF Console... 1 2 3 10 11

SecureFactors(SF) is a new generation cloud system developed to securely access remote systems. It can be used by both end-users and systems administrators. SF's primary advantage is that all remote access is performed without a VPN. SF allows running modern IT tasks like secure remote access, systems management, customer support and SSH key distributions. Access and KeyVault are the first two applications released on SF. Using SF Console any systems linked to a SF cloud account can be accessed and managed anywhere in the world no matter where it is located behind a firewall or in your enterprise local network, all without a VPN (Virtual Private Network). Access is authenticated and all data communications are secured with FIPS certified cryptographic encryption. SF KeyVault allows full life cycle management of SSH Keys and digital identities. SF supports all Windows operating systems with a SF Connector that runs in all Windows platforms. SF Connector is also available for Linux/Unix/Apple MacOS/IOT devices. This portable version is written in Java programming language. Client side of SecureFactors is termed SF Console. Any web browser can be run as the SF Console allowing access of systems from any operating systems or mobile devices. Thus no software needs to be installed in the client side and a web SF Console is the primary user interface. However, an SF Console application is provided as an additional interface in Windows for sites that need higher resolution rendering of remote desktops than are available through a web browser. SF Cloud's modern design allows it to be dynamically partitioned to be run in a private or public cloud based on customer security needs. Amazon AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and IBM Cloud are key cloud platforms that can host and run SF Cloud. Enterprise customers can also license SF cloud to host it in their own data centers or private cloud, giving maximum deployment flexibility. Managed or accessed systems can be located anywhere in an enterprise, in remote branch locations or in public cloud Virtual Machines or Containers. 2

SecureFactors is available from https://securefactors.com and is used as a "software as a service". Your site administrator may have deployed SF in one of the public or private cloud. So check with your site administrator to find where your SF cloud points to. To start using SF, first create a SecureFactors account by clicking "SignUp" and providing a username and password to serve as your identity. Username can be in simple name or email format - as long it is unique and the username has not been taken in that SF site, it is acceptable. 3

Then for the machines to be accessed or managed, download and run SFConnector to install the cloud connector in systems that are to be accessed via SF cloud. SF Connectors are available for a variety of operating systems. Once installed, double click the SFConnector icon to run it and provide the correct cloud account credentials you created during signup to link the machine to your account. For the person accessing systems or performing systems administrators tasks, there is nothing to download - all access is provided from any browser which serves as the SF Console. Login to https://securefactors.com with a web browser using your SF credentials. To turn on two-factor authentication to an account, click "TOTP" or "U2F Factor" in user setting. For TOTP two-factor authentication, download Google Authenticator from Apple IOS or Android store and take image shot of QR image shown in the SF user account. Then logoff and log back on again. Enter the six digit number from Google authenticators if TOTP two-factor authentication is active for the account after entering the password. 4

5

Six digit TOTP two factor is shown entered. The six digits are obtained for each logon session by running Google Authenticator application in a mobile phone or device which has the account QR image listed. Once authenticated and logged into SecureFactors, one sees the machines that are connected to the SF account via SF Cloud. Choose "Access Machines" icon to see machines linked to an account. Choose "Key Manager" to enter SF KeyVault and manage SSH keys. 6

In Access Machines page, click Telemote or RDP verb to access that machine remotely. Telemote provides richer interface and features than RDP. "SSH" verb gives command line access to the machine to perform sysadmin tasks or run shell scripts. For Windows systems, a SF Console application is additionally offered. For remote systems that need finer graphics and screen control than available from a web browser, one would use this SF Console Windows application. SF Console application is downloaded from securefactors.com and installed in a Windows machine. Once installed, double click "SF Console" to launch it. Then login to an SF account from "Connections" drop down menu. Use with the same credential used for browser based logins to login with Windows SF Console. After login, all machines connected to the account will be visible. 7

In Windows SF Console, right clicking on a machine shows all actions that can be performed on the machine and permitted: Full graphical access to the remote desktop (what we term "Telemote"), Microsoft RDP, remote PowerShell session, FileTransfer, Command Line session, DashBoard sysadmin interface, Reboot/Shutdown, Updating the SF Connector remote software, Reboot & Shutdown. Telemote is available for all platforms. RDP is available for Windows machines only. In each of the machines to be managed, you need to provide the SF cloud account name and password that the machine should be visible to. This has to be done just once by double clicking "SFConnector" desktop icon and selecting Login menu in the SFConnector Tray icon UI as shown below. Cloud ID is securefactors.com or where your site administrator has hosted your SF Cloud. 8

9

SF accessed systems All systems needing to be accessed or managed run "SFConnector" small piece of software, which securely pulses to the SecureFactors cloud to an assigned SF account. This process makes the node visible and manageable from a SF Console (both browser based or.net version). A system can pulse to only a single SF account which is provided during the first run but can be changed by clicking the SF Connector tray icon. If a system is not connected to the cloud, double click the "SFConnector" icon to start it or right-click the tray icon for it to get to the Login menu to activate login providing the SF username and password if it has not been provided before. Unless one needs to change it, this authentication information are stored securely and never has to be provided even after reboot. Thus this node or system becomes a fully remotely accessed and managed SF system. All activities, including updates of the SF Connector software, can be done remotely from a SF Console. In the CloudID field, type securefactors.com or CloudID provided by your site administrator ( e.g. azure.securefactors.com, oracle.securefactors.com, aws.securefactors.com, google.securefactors.com, ibmcloud.securefactors.com, etc. are other possible CloudID). CloudID should be where your SF cloud account was created. 10

SF Console Users or systems administrators doing remote access, run a web browser and login to their cloud account to run browser based SF Console. Browser based access is the primary way to access and run all SecureFactors functions and features. Access Machines, User Setting and Key Manager (SF KeyVault) are the three entry functions in web SF Console. 11

To run the Windows version of SF Console, double click its icon on the desktop after SF Console application is downloaded and installed. Provide the username and password in the "Login" menu of the "Connections" menu drop down. Enter the two-factor when prompted. Various settings can be changed in the "Settings" menu drop down. "Optimize LAN Connectiion" is an importing setting turned on by default that reduces cloud traffic by sensing that a managed machine is on the local LAN and if so would send data to it directly (but encrypted and secure), thus speeding up access. 12

Various settings can be changed in the "Settings" menu drop down. "Optimize LAN Connectiion" is an importing setting turned on by default that reduces cloud traffic by sensing that a managed machine is on the local LAN and if so would send data to it directly (but encrypted and secure), thus speeding up access. Help drop down provides SF Console software update and uninstall option as well as on-line help. Right clicking on a machine shows all actions that can be performed on the machine and one can execute any action that is permitted. Full graphical access to the remote desktop (what we term "Telemote"), Microsoft RDP, remote PowerShell session, FileTransfer, Command Line session, DashBoard sysadmin interface, Reboot/Shutdown, Updating the remote SF Connector software - all IT and DevOps management tasks can be performed on the remote machine. 13

Tag a Machine SecureFactors brings "photo tagging" like ease into machine tagging to organize machines into groups and sub-groups. Machines can be organized into tagged groups and sub-groups on the left pane for ease in management. Right-click a machine on the right pane to "Tag" it just like photo tagging. "All Hosts" is the root group that is created automatically by SF and will always contain all machines pulsing to that account. Right-click "All-Hosts" and then select "Add" to add a new tag group underneath "All-Hosts" that you can name. Tagging group and subgroups can be created this way by right-clicking any group or sub-group with unlimited level of nesting allowed. Below shows tagging of a machine named "galaxy2" which is tagged to be in "Servers" and "64-bit" groups. Clicking check-mark will add the machine in that group or take it away from that group if it was marked before. 14

Right-clicking a group on the left pane, one can run actions on all machines in that group. For example, "Update" verb on that group will mean all machines in that group will be updated with the most recent release of the SF Connector software, all done remotely and in parallel. This allows zero-touch remote management of SF machines spread throughout an enterprise/geography/cloud-infrastructure once the first versions of SF are installed. 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback