MyFloridaNet-2 (MFN-2) Customer Portal/ Password Management/ VPN Reference Guide

Similar documents
MyFloridaNet-2 (MFN-2) Customer Portal/Password Management Reference Guide

MyFloridaNet-2 (MFN-2) Remote Access VPN Reference Guide

Login Procedures. Access Treasury Gateway by entering the site address in your web browser navigation box:

STRS OHIO F5 Access Client Setup for ChromeBook Systems User Guide

Chapter 2. Passwords, Access, and Logon

Remote Access User Guide for Mac OS (Citrix Instructions)

PS Suite EMR ASP Remote Access Setup Guide for Macintosh computers

VPN Installation Quick Setup Guide

Wholesale Lockbox User Guide

DSS User Guide. End User Guide. - i -

SANTA CLARA COUNTY CFET THIRD PARTY PARTNERS REMOTE ACCESS GUIDE

SafeNet Authentication Manager

Remote Access VPN Setup

IT Access Portal User Guide (Employees)

Manual for configuring VPN in Windows 7

FH Remote Access Last Updated: July 3, 2013

Molina Agent User Guide

NextMD Patient Portal Guide

Software Token Enrollment: SafeNet MobilePASS+ for Apple ios

Multi-Sponsor Environment. SAS Clinical Trial Data Transparency User Guide

End User Manual. December 2014 V1.0

Sync User Guide. Powered by Axient Anchor

Bechtel Partner Access User Guide

Regions OnePassSM USER GUIDE. It s time to expect more. Regions Bank Member FDIC Revised

CITRIX REMOTE PC SKADDEN REMOTE ACCESS PAGE CONNECT TO SKADDEN SYSTEMS REMOTELY LOG ON TO REMOTE DESKTOP DOWNLOAD & INSTALL CITRIX

Registration for Online Services at Drayton Medical Practice

Barracuda Networks SSL VPN

GRS Enterprise Synchronization Tool

Welcome (slide 1) Welcome to the Florida Department of Education Single Sign-On tutorial for hosted user login and navigation.

Installing and Connecting to the SOM VPN using the Cisco AnyConnect version 4.x Client (Windows)

Regions OnePass USER GUIDE. It s time to expect more. Regions Bank Member FDIC Revised

NotifyMDM Device Application User Guide Installation and Configuration for Android

MyClinic. Password Reset Guide

ENROLLING FOR YOUR SYKES HOME TRAINING

Group Administrators

Software Token. Installation and User Guide. 22 September 2017

AT&T Global Network Client for Mac User s Guide Version 1.7.3

RSA SecurID Ready Implementation Guide. Last Modified: December 13, 2013

Remote Access Resources

STREAMLYNE GUIDE FOR STUDENTS/PRINCIPAL INVESTIGATORS

Pulse Workspace Appliance. Administration Guide

Check Point GO R75. User Guide. 14 November Classification: [Public]

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. PingIdentity PingFederate 8

isupplier Portal Registration & Instructions Last Updated: 22-Aug-17 Level 4 - Public INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL

MULTI-FACTOR AUTHENTICATION SET-UP

GoToMyPC Corporate Administrator Guide

CMS Enterprise Portal User Manual

Comodo IT and Security Manager Software Version 6.9

Palisades School District PowerSchool Parent Portal Guide

Document Signing Certificate Getting Started Guide

Connect to Wireless, certificate install and setup Citrix Receiver

ivisions Employee Guide Portal Employee User Guide Town of Needham Terry Wolfson Created: 1/27/2014 Updated: 10/5/2016

Managing WCS User Accounts

Passport Acceptance Agent Training System Student Guide

PowerSchool Student and Parent Portal User Guide. PowerSchool Student Information System

AT&T Global Network Client for Mac User s Guide Version 2.0.0

HLZA HOW-TO S SETTING UP AND USING REMOTE ACCESS. July 10, 2014

Accessing TAS and the CSC Portal

Getting Started with Cisco WebEx Meeting Applications

Hitachi ID Systems Inc Identity Manager 8.2.6

SecuRemote for Windows 32-bit/64-bit

The tool can also be accessed by clicking the Self Service Password Manager icon on your desktop, or by visiting:

Lifespan Guide for using your Lifespan Network Account

Banner SSL VPN User Guide

PowerSchool Parent Portal User Guide. PowerSchool 7.x Student Information System

Accessing Insurance Portal/PAS Job Aid Single Sign-On

Amazon AppStream 2.0: SOLIDWORKS Deployment Guide

WAM!NET Submission Icons. Help Guide. March 2015

NCID-NG User Guide Version 1.3

San Jacinto College. Secure SSL VPN Instruction Manual. Contents

Security Cooperation Information Portal

STRS OHIO Telework F5 BIG-IP Edge Client for Mac Systems (Imac, Air, Macbook, Mini) User Guide

PowerSchool 7.x Student Information System

Calendar & Buttons Dashboard Menu Features My Profile My Favorites Watch List Adding a New Request...

EOH-SASOL - Setup Sasol Mobile Express (Client)

isupplier Portal Registration & Instructions Last Updated: 12-Mar-2018 Level 4 - Public INFRASTRUCTURE MINING & METALS

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Pulse Connect Secure 8.x

Drexel University. Version April Page 1 of 23. Version April agf

Hitachi High Technologies America, Inc. Password Policy

Configuring and Using your Nationwide Extranet Virtual Machine

CITRIX REMOTE PC SKADDEN REMOTE ACCESS PAGE CONNECT TO SKADDEN SYSTEMS REMOTELY DOWNLOAD & INSTALL CITRIX LOG ON TO REMOTE DESKTOP

Comodo IT and Security Manager Software Version 6.6

SmartVoice Portal. End User Quick Start Guide. Contact Customer Care at /26/2017 for additional assistance.

Online Reporting and Information Management System (ORIMS) Manage Financial Returns User Guide for Banks & Trust Companies

Remote Access. Application Viewer User Guide

Device LinkUP + VIN. Service + Desktop LP Guide RDP

Comodo LoginPro Software Version 1.0

BHSF Physician User Guide

Test Information and Distribution Engine

Note: It is highly recommended that users pre enroll while at work by going to

User Guide for Client Remote Access. Version 1.2

RSA Authentication Manager 7.1 Help Desk Administrator s Guide

ONE ID Identity and Access Management System

penelope case management software AUTHENTICATION GUIDE v4.4 and higher

Anchor User Guide. Presented by: Last Revised: August 07, 2017

ACH Monitor Fraud Review and Approval USER GUIDE

Installing and Connecting to DGL PM Server

BT MobileXpress App V2 for Android Quick Guide

Secure single sign-on for cloud applications

MULTI-FACTOR AUTHENTICATION SET-UP

Transcription:

MyFloridaNet-2 (MFN-2) Customer Portal/ Password Management/ VPN Reference Guide i

VISION RECORDS REVISION DATE DESCRIPTION 0 27 September 2017 Initial Submittal. 1 Second Submittal. ii

TABLE OF CONTENTS Paragraph Title Page 1 INTRODUCTION... 1 2 CUSTOMER PORTAL ACCESS... 2 2.1 Customer Portal Request Form... 2 2.2 Downloading and Installing the RSA SecurID Token Application... 2 2.3 Import the Token... 6 2.4 Register the Token and Create a PIN... 10 3 USING THE PASSWORD MANAGEMENT SYSTEM... 13 3.1 Enrolling in the Password Management System... 13 3.2 Changing a Password... 19 3.3 Resetting a Password... 21 4 USING THE CUSTOMER PORTAL... 24 4.1 Access the Customer Portal... 24 4.2 Accessing the MFN-2 Training Server (MTS)... 25 4.3 Changing the MTS Password... 26 5 VIRTUAL PRIVATE NETWORK (VPN)... 30 5.1 Clientless VPN... 30 5.2 Client-to-LAN... 32 iii

LIST OF APPENDICES Appendix Title Page CUSTOMER PORTAL REQUEST FORM... A-1 LIST OF ILLUSTRATIONS Figure Title Page Figure 2.2-1. Downloaded RSA SecurID Software Token... 3 Figure 2.2-2. Extracted RSA Token File... 3 Figure 2.2-3. Run the Installer File... 4 Figure 2.2-4. RSA SecurID Software Token Setup Wizard... 4 Figure 2.2-5. Accept License Agreement... 5 Figure 2.2-6. Typical Setup... 5 Figure 2.2-7. Click to Install... 6 Figure 2.3-1. Emailed Token Zip File... 6 Figure 2.3-2. Extracted Token Zip File on Desktop... 7 Figure 2.3-3. Open RSA SecurID Token Application... 7 Figure 2.3-4. Import from File... 8 Figure 2.3-5. Navigate to Folder on Desktop... 8 Figure 2.3-6. OK to Import... 8 Figure 2.3-7. Enter Token Password... 9 Figure 2.3-8. Leave the Token Name As Is... 9 Figure 2.3-9. Token Display... 9 Figure 2.4-1. Register Token Link... 10 Figure 2.4-2. RSA Self-Service Console... 10 Figure 2.4-3. Passcode Text Box... 11 Figure 2.4-4. PIN Creation... 11 Figure 2.4-5. RSA My Account Page... 12 Figure 3.1-1. Change or Forgot Password?... 13 Figure 3.1-2. PRS Enrollment... 13 Figure 3.1-3. Change Password Prompt... 14 Figure 3.1-4. Enter New Password... 15 Figure 3.1-5. Password Changed... 15 Figure 3.1-6. PRS Login Page... 16 Figure 3.1-7. Security Questions Setup... 16 Figure 3.1-8. Last Name of Your First Boss... 16 Figure 3.1-9. Name of Street on Which You Grew Up... 17 Figure 3.1-10. Enter Email Address to Receive Pincode... 17 Figure 3.1-11. Example Pincode Email... 17 Figure 3.1-12. Prompt for Pincode... 18 Figure 3.1-13. Successful PRS Enrollment... 18 iv

LIST OF ILLUSTRATIONS Figure Title Page Figure 3.1-14. PRS User Home Page... 18 Figure 3.1-15. PRS Profile Verification... 19 Figure 3.2-1. Change or Forgot Password?... 19 Figure 3.2-2. Change My Password... 20 Figure 3.2-3. Enter Current Password... 20 Figure 3.2-4. Enter New Password... 21 Figure 3.2-5. Password Changed... 21 Figure 3.3-1. Reset Password Identity Dialog... 22 Figure 3.3-2. Reset the Password... 22 Figure 3.3-3. Password Reset Successful... 23 Figure 4.1-1. Logging into the Portal... 24 Figure 4.1-2. DMS Customer Portal Splash Page... 24 Figure 4.2-1. MTS Log in Prompt... 25 Figure 4.2-2. MTS Dashboard... 26 Figure 4.2-3. My Florida Network-2 Training Course... 26 Figure 4.3-1. User Settings Dropdown... 27 Figure 4.3-2. User Profile... 27 Figure 4.3-3. Edit Profile Page... 28 Figure 4.3-4. User Preferences... 28 Figure 4.3-5. Change Password Dialog... 29 Figure 5.1-1. VPN Login Page... 31 Figure 5.1-2. Custom VPN Links Example... 31 Figure 5.1-3. VPN Logout Page... 32 Figure 5.2-1. Cisco AnyConnect Download Process... 32 Figure 5.2-2. Internet Explorer Prompt for Add-On... 33 Figure 5.2-3. Downloader... 33 Figure 5.2-4. Download Error... 33 Figure 5.2-5. Internet Explorer Internet Options... 34 Figure 5.2-6. Trusted Sites... 34 Figure 5.2-7. Add Trusted Site... 35 Figure 5.2-8. Installation... 35 Figure 5.2-9. Connection Established... 36 Figure 5.2-10. VPN Disconnect... 36 Figure 5.2-11. VPN Reconnect... 37 Figure 5.2-12. Use PIN + Token for Password... 37 v

1 INTRODUCTION The purpose of this guide is to provide the MFN-2 customer end user with instructions on Customer Portal access, Password Management enrollment and usage, and VPN connectivity. The Customer Portal (portal) account creation process is established to provide approved MFN-2 customers with access to network resources used to monitor the performance of their service. This process includes the download and installation of a software token, which is used with the user s username and password to provide multifactor authentication protection. Once a user has portal access, they can open and use the Network Management System (NMS) tools they have been granted access to, in order to view their assets status and performance, as well as related tickets and scheduled maintenance. These are the same tools used by the MFN-2 NOC/SOC personnel. Enrollment in the Password Management system is required if using the Customer Portal. This system, also known as the Password Reset Server (PRS), allows the user to change their MFN-2 password before it expires. The user is notified a reminder before the 90-day password expiration. If the password expires or is forgotten, the PRS allows the user to reset it. Resetting a password requires the user to answer a series of questions that are set up during the enrollment process. The credentials generated during the Customer Portal account creation process, are the same as used for Client-to-LAN and Clientless VPN access, however, a Customer Portal account is not necessary for VPN access. VPN customers without a Customer Portal account will be emailed a username and initial password and will follow the instructions to download and register a software token as outlined in this Reference Guide. Client-to-LAN VPN access requires the Cisco AnyConnect Secure Mobility Client be downloaded and installed on the VPN client device. The Clientless method of VPN connectivity uses the Internet to connect and does not require the download of a client application. Users should contact the MFN-2 NOC/SOC at +1 (844) 548-MFN2 (6362) if they have any difficulty with these instructions. Once connected, press 2 to reach the SOC. NOTE: The RSA soft token installation and the Cisco AnyConnect Secure Mobility Client installation both require administrator rights on the device on which they are being installed. If the user does not have administrator rights on the device, assistance from their Information Technology department will likely be necessary. NOTE: Usernames should be input as lowercase only. 1

2 CUSTOMER PORTAL ACCESS Customer Portal/Password Management/VPN Reference Guide The Customer Portal provides access to the NMS tools as well as the MFN-2 Training Server (MTS). This access requires the series of steps outlined in this section. 2.1 Customer Portal Request Form The Customer Portal access process begins when the MFN-2 customer completes the Customer Portal Request Form. This PDF can be found at the end of this document in Appendix A. Once completed, the form is submitted by the customer to their agency s primary or secondary Security Administrator for approval. The Security Administrator approves the request, if appropriate, and submits the request form to the MFN-2 NOC/SOC at: support@mfn2.myflorida.com. The service provider reviews and confirms the request is from an approving Security Administrator. NOTE: A primary and secondary Security Administrator must be identified per Section 5.4 of the User Guide, which is posted on the SUNCOM website. Once confirmed, the MFN-2 NOC/SOC creates the user s account and emails the user with: A username and initial password A link to the RSA SecurID Token application A token.zip file A password to unlock the token.zip file The soft tokens are available for iphone, Android, or personal computer, and the selection is indicated on the Customer Portal Request Form. Administrative permissions are required on whichever platform is selected. NOTE: The example screenshots and instructions used in this Reference Guide are for a Windows computer. The steps will be similar on other platforms. 2.2 Downloading and Installing the RSA SecurID Token Application NOTE: DMS users with hard tokens should skip to Section 2.4 of this document and register the token and create a PIN as described there. 2

To download the RSA SecurID soft token, open the Internet Explorer browser, navigate to the following URL, and click Save when prompted to save the zip file. https://community.rsa.com/externallink.jspa?url=ftp%3a%2f%2fftp.emc.com%2fpub%2fagents%2ftokens%2frsasecuridsoft waretoken5.0.2x86.zip. By default, the file will save to the Downloads folder, as shown in Figure 2.2-1. Figure 2.2-1. Downloaded RSA SecurID Software Token When the download is complete, navigate to the Downloads folder, and right click the.zip file and click Extract All. Click Extract to extract the file in the destination location listed, which should be an RSASecurIDSoftwareToken folder in the Downloads folder. Double-click the extracted RSASecurIDSoftwareToken folder, then double-click the RSASecurIDToken folder inside, and then double click the RSASecurIDToken folder inside that. There should be two.msi files, as shown in Figure 2.2-2. Double-click the RSASecurIDToken502.msi file and click Run as shown in Figure 2.2-3. Figure 2.2-2. Extracted RSA Token File 3

Figure 2.2-3. Run the Installer File Follow the wizard to install the token as shown in Figure 2.2-4, Figure 2.2-5, Figure 2.2-6, and Figure 2.2-7. Choose Typical when prompted for Setup Type. You may be asked to enter administrator credentials on the client device. Without administrative access, the installation will likely fail. Click Finish when the setup wizard has completed the install. Figure 2.2-4. RSA SecurID Software Token Setup Wizard 4

Figure 2.2-5. Accept License Agreement Figure 2.2-6. Typical Setup 5

Figure 2.2-7. Click to Install 2.3 Import the Token Once the application has been installed, the user s token file must be imported into it. Locate the software_token.zip file received via email as shown in the redacted version in Figure 2.3-1, and click the dropdown arrow beside it, and then click Save As and save it to the Desktop. Rightclick the software_token.zip file just saved and click Extract All. Click Extract to extract the file to the Desktop, as shown in Figure 2.3-2. Figure 2.3-1. Emailed Token Zip File 6

Figure 2.3-2. Extracted Token Zip File on Desktop Click the Windows Start button, and click the RSA SecurID Token application to run it, as shown in Figure 2.3-3. Figure 2.3-3. Open RSA SecurID Token Application Click Import from File as shown in Figure 2.3-4. Next, click Browse and navigate to the Desktop. Locate the dms_software_token folder, and double-click it as shown in Figure 2.3-5. Then click the.sdtid file inside of that folder and click Open. Click OK as shown in Figure 2.3-6. A password prompt displays. 7

Figure 2.3-4. Import from File Figure 2.3-5. Navigate to Folder on Desktop Figure 2.3-6. OK to Import Navigate to the email that contains the password for the RSA SecurID token this is a different password than the user s password. Enter the emailed password, as shown in Figure 2.3-7, and then click OK. Once the token has successfully imported, the user is prompted to change the name of the token, as shown in Figure 2.3-8. Click OK to leave the name unchanged. Figure 2.3-9 displays a successfully imported token. 8

Figure 2.3-7. Enter Token Password Figure 2.3-8. Leave the Token Name As Is Figure 2.3-9. Token Display 9

2.4 Register the Token and Create a PIN Customer Portal/Password Management/VPN Reference Guide Once the RSA SecurID software token has been successfully installed, a PIN that is only known to the user must be created. Open Internet Explorer and navigate to https://portal.mfn2.myflorida.com. This lands the user on the MFN-2 Customer Portal login page as shown in Figure 2.4-1. Click Register Token. The RSA Self-Service Console displays as shown in Figure 2.4-2. Figure 2.4-1. Register Token Link Figure 2.4-2. RSA Self-Service Console Enter the User ID (username) and click OK, and a Passcode text box appears as shown in Figure 2.4-3. Enter the six digits currently displayed in the RSA SecurID Token application into the Passcode text box and click Log On. 10

Figure 2.4-3. Passcode Text Box Figure 2.4-4 displays the next screen which prompts for a PIN. While the system supports several characters, we recommend setting a four-digit PIN not related to any personally identifiable information. Enter the PIN into the New PIN and the Confirm New PIN text boxes. Finally, wait 60 seconds or until the tokencode changes on the RSA SecurID token, and enter the new code into the Next Tokencode text box. Click OK to complete the token and PIN creation process. Figure 2.4-4. PIN Creation Figure 2.4-5 displays an example of the My Account page resulting from the token registration process. There may be a yellow Notes area on the page that suggests the user should set up emergency authentication questions. At this time, these questions are not being used. The user can ignore this. 11

Figure 2.4-5. RSA My Account Page NOTE: The user should NOT attempt to log in to the Customer Portal yet, but rather proceed to the next section, Section 3, and enroll in the Password Management System. 12

3 USING THE PASSWORD MANAGEMENT SYSTEM Customer Portal/Password Management/VPN Reference Guide Before logging in to the Customer Portal, the user should enroll in the Password Management System. The Password Management System, also known as the Password Reset Server (PRS), provides an easy way for the user to change or reset their password. Changing a password requires the user to know their current password. Resetting a password is done when the user has forgotten their password or is locked out. Enrollment in the PRS is required if using the Customer Portal. 3.1 Enrolling in the Password Management System To reach the Password Management System, open Internet Explorer and navigate to https://portal.mfn2.myflorida.com. This will land the user on the MFN-2 Customer Portal client page as shown in Figure 3.1-1. Click Change or Forgot Password? to jump to the PRS as shown in Figure 3.1-2. Figure 3.1-1. Change or Forgot Password? Figure 3.1-2. PRS Enrollment 13

Before a user can reset or change their password, they must enroll in the system. To enroll, the user should enter their username (lowercase only) and password, as provided in an email from the service provider, into the Username and Password text boxes. Do not change the Domain. Click Login. If, at the time of this first login, the user s password has already expired, or needs to be changed because it is the default password, the user will be prompted to change their password before they can enroll in the PRS. If this happens, the user will see the Change Password prompt as shown in Figure 3.1-3. NOTE: If the user is not prompted to change their password at this point, the user should skip to the paragraph beginning immediately following Figure 3.1-6. Figure 3.1-3. Change Password Prompt After entering the username and current password, the user should click Continue to navigate to a dialog that prompts the user to enter a new password and confirm it as shown in Figure 3.1-4. When choosing a new password, users should follow the password requirements listed below: Passwords must contain at least 14 characters Passwords must contain characters from three of the following categories: o Uppercase letters (A through Z) o Lowercase letters (a through z) o Base 10 digits (0 through 9) o Non-alphanumeric characters (for example:!, $, #, %) Passwords cannot contain the end user s username or portions of their full name 14

o Example: User Bob Smith cannot have a password which contains Bob or Smith Passwords cannot be the same as any of the previous 24 passwords Enter the new password in the New Password text box, enter it again in the Confirm New Password text box, and then click Change Password. If the password is successfully changed, the user will see the dialog shown in Figure 3.1-5. Clicking Login will navigate the user to the PRS home page as shown in Figure 3.1-6. Figure 3.1-4. Enter New Password Figure 3.1-5. Password Changed 15

Figure 3.1-6. PRS Login Page Once on the PRS Login page, the user should enter their username and password. Leave the domain as is. Click Login. The user is then prompted to set up the security necessary for a password reset. Click Continue to begin the process as shown in Figure 3.1-7. Answer the first two questions as shown in Figure 3.1-8 and Figure 3.1-9, clicking Continue after each. The third question, shown in Figure 3.1-10, is a prompt for the user s email address, to which a code will be sent. Enter the email address and click Continue. Figure 3.1-7. Security Questions Setup Figure 3.1-8. Last Name of Your First Boss 16

Figure 3.1-9. Name of Street on Which You Grew Up Figure 3.1-10. Enter Email Address to Receive Pincode The system will do a test run to verify the setup was completed correctly. Enter the answers and the emailed Pincode when prompted. Figure 3.1-11 displays an example Pincode email. Figure 3.1-12 displays the Pincode prompt. If the questions are answered correctly, Test Run Successful displays as shown in Figure 3.1-13, indicating the user has successfully enrolled in the PRS. Click Continue to jump to the User Home page, an example of which is shown in Figure 3.1-14. Click the Profile Information tab and click Mark as Verified to verify your account information, as shown in Figure 3.1-15. Figure 3.1-11. Example Pincode Email 17

Figure 3.1-12. Prompt for Pincode Figure 3.1-13. Successful PRS Enrollment Figure 3.1-14. PRS User Home Page 18

Figure 3.1-15. PRS Profile Verification 3.2 Changing a Password MFN-2 Customer Portal passwords automatically expire after 90 days and those enrolled in the PRS will be provided with an email notification as password expiration is about to occur. To change the password, open Internet Explorer and navigate to the Customer Portal client located at https://portal.mfn2.myflorida.com. Click Change or Forgot Password? as shown in Figure 3.2-1 to navigate to the PRS, as shown in Figure 3.2-2. Click Change My Password. Users must know their password to change their password. Figure 3.2-1. Change or Forgot Password? 19

Figure 3.2-2. Change My Password The Change Password dialog displays, as shown in the example in Figure 3.2-3, and the user is prompted to enter Domain, Username, and Current Password. Leave the Domain as is. Enter the Username and Current Password and click Continue. Figure 3.2-3. Enter Current Password The user is prompted to enter a new password and confirm it. When choosing a new password, please follow the password requirements listed below: Passwords must contain at least 14 characters Passwords must contain characters from three of the following categories: o Uppercase letters (A through Z) o Lowercase letters (a through z) o Base 10 digits (0 through 9) o Non-alphanumeric characters (for example:!, $, #, %) Passwords cannot contain the end user s username or portions of their full name o Example: User Bob Smith cannot have a password which contains Bob or Smith 20

Passwords cannot be the same as any of the previous 24 passwords Enter the new password in the New Password text box, enter it again in the Confirm New Password text box, and then click Change Password, as shown in Figure 3.2-4. If the password is successfully changed, the user will see the dialog shown in Figure 3.2-5. Clicking Login will navigate the user to the PRS home page. Figure 3.2-4. Enter New Password 3.3 Resetting a Password Figure 3.2-5. Password Changed If a user has forgotten their password and/or locked themselves out of the system, the user s password can be reset using the Password Reset Server. Follow the directions in Section 3.2 above, but click Reset My Password, instead of Change My Password. The Password Reset: Identity dialog will display as shown in the example in Figure 3.3-1. Leave the Domain as is. 21

Enter the Username and click Continue. Customer Portal/Password Management/VPN Reference Guide Figure 3.3-1. Reset Password Identity Dialog The user is prompted with the security questions that were set up during the PRS enrollment and are shown in Figure 3.1-7. If the two questions and an emailed pincode are correctly provided, the user will be prompted to reset their password, as shown in Figure 3.3-2. Figure 3.3-3 displays if the user s password has been reset successfully. Clicking Login navigates the user to the PRS home page. Figure 3.3-2. Reset the Password 22

Figure 3.3-3. Password Reset Successful Note that all three questions are required to do a password reset. If a user cannot reset their password using the PRS, the agency s Security Administrator must email the MFN-2 NOC/SOC with a request to reset it. A temporary password will be provided to the Security Administrator, who will share this information with the user. Password resets via the Security Administrator can take up to 48 hours before completed. In the event a password reset must be completed sooner, the Security Administrator should follow-up with a direct call to the MFN-2 NOC/SOC via telephone to request expedited service. The email and phone number for the MFN-2 NOC/SOC are as follows: Email: support@mfn2.myflorida.com Telephone: +1 (844) 548-MFN2 (6362) 23

4 USING THE CUSTOMER PORTAL Customer Portal/Password Management/VPN Reference Guide Once a user has acquired a username, password, PIN, and token, and enrolled in PRS per the directions in Section 2 and 3 of this Reference Guide, that user can log into the Customer Portal and access the NMS toolset. Those same credentials are used to connect to the VPN, if the user has ordered VPN Client-to-LAN or VPN Clientless access. 4.1 Access the Customer Portal The Customer Portal client page is located at https://portal.mfn2.myflorida.com as shown in Figure 4.1-1. The Internet Explorer browser is preferred. Enter the Username, Password, and the PASSCODE, which is the user s PIN plus the token code displaying in the RSA SecurID Token application or on the hard token. Leave the Domain as MFN2 and click Logon. The user will be navigated to the Customer Portal splash page which displays the NMS toolset available to the user. In the example in Figure 4.1-2, the DMS user has access to some tools that may not be available to a standard MFN-2 customer user. Figure 4.1-1. Logging into the Portal Figure 4.1-2. DMS Customer Portal Splash Page 24

4.2 Accessing the MFN-2 Training Server (MTS) Customer Portal/Password Management/VPN Reference Guide At this time, it is expected that all tools except one will use Single Sign-On (SSO) for authentication. This means that once a user has logged into the portal, they will not need to enter those credentials again to access the tools. Clicking any tools link will log the user into the tool automatically, as long as they have the associated permissions. The one exception to SSO at this time is the MFN-2 Training Server (MTS). This server houses all MFN-2 training artifacts in their latest and most updated form. Users are prompted to enter local credentials when they click the MFN-2 Training Server link. Local accounts on the MTS are configured when portal accounts are created. The username will be the same as the portal username. A password will be emailed to the user, and once logged into the MTS, the user can change that password. Clicking the MFN-2 Training Server link on the Customer Portal splash page prompts the user for log in credentials as shown in Figure 4.2-1. Note that logging in as a guest is not supported. Figure 4.2-1. MTS Log in Prompt Successful login navigates the user to the MFN-2 Training Server Dashboard as shown in Figure 4.2-2. MFN-2 users will only have one course displayed. Click My Florida Network-2 to access the course. The course home page is displayed in Figure 4.2-3. The Calendar in the right pane indicates any scheduled training. The training content, itself, is contained in the middle pane of the home page. In the figure, the Network Architecture training module is displayed, and within that module is the training slides and a related self-assessment. If a user scores at least 84% on an assessment, a digital badge is awarded and will display under Badges in the left pane. An assessment can be taken as many times as desired. Training content is continually updated as necessary. 25

Figure 4.2-2. MTS Dashboard Figure 4.2-3. My Florida Network-2 Training Course 4.3 Changing the MTS Password It is recommended that users change their MTS password to match their MFN-2 Customer Portal password. Click the dropdown arrow in the upper right of the screen and then click Profile, as shown in Figure 4.3-1. On the resulting Profile page, click Edit profile as shown in Figure 4.3-2. 26

Figure 4.3-1. User Settings Dropdown Figure 4.3-2. User Profile On the Edit Profile page, click Preferences as shown in Figure 4.3-3. And finally, on the Preferences page, click Change Password, as shown in Figure 4.3-4. Enter the Current password, the New password, and the New password (again) as shown in Figure 4.3-5. Note that although this is a different password than the user s Customer Portal password, it may be easier to remember if it is configured to be the same. Click Save changes to save the new password. 27

Figure 4.3-3. Edit Profile Page Figure 4.3-4. User Preferences 28

Figure 4.3-5. Change Password Dialog 29

5 VIRTUAL PRIVATE NETWORK (VPN) Customer Portal/Password Management/VPN Reference Guide MFN-2 customers may order a VPN into MFN-2. This allows the customer to access their workrelated artifacts from a client device at home or anywhere that has an Internet connection. If the user already has a Customer Portal account, the MFN-2 NOC/SOC will notify the user they have been added to the appropriate VPN group and instruct them to use their same Customer Portal credentials, including the PIN and token. If the user does NOT have a Customer Portal account, the MFN-2 NOC/SOC will email the user a username and initial password. If, at a later date, the VPN user applies for a Customer Portal account, the user will be emailed instructions to use their same VPN credentials when accessing the Customer Portal. The two options of remote access VPN for customers is the Clientless version, which allows the user to access preconfigured web resources via a web browser, and the Client-to-LAN version, which requires the Cisco AnyConnect Secure Mobile application. Both options require the same multifactor authentication used for Customer Portal access. 5.1 Clientless VPN No client software installation is necessary for MFN-2 network access when using the Clientless VPN option, however, since multifactor authentication is used, the RSA SecurID Token application must still be downloaded and installed per the instructions in Sections 2.2 through 0 of this guide before proceeding with these instructions. To access the VPN using the Clientless option, customers navigate to the VPN login page at https://vpn.mfn2.myflorida.com using the Internet Explorer (preferred) web browser. To login, enter a USERNAME (lowercase) and PASSWORD, and click Login. Figure 5.1-1 displays an example for a DMS test account. Note that in this context, Password refers to the user s PIN plus token code. IN CASE OF A SECURITY ERROR: Click Internet Explorer s Tools menu and then click Internet Options as shown in Figure 5.2-5. Click the Security tab and then click Trusted Sites and then the Sites button as shown in Figure 5.2-6. Click Add to add the https://vpn.mfn2.myflorida.com site as shown in Figure 5.2-7 and click Close, and then click OK. Refresh the screen and start the process again. 30

Figure 5.1-1. VPN Login Page A successful login will land the user at a webpage hosting custom links to the agency s resources, as provided by the agency. An example is shown in Figure 5.1-2. The user should click Logout when the VPN session is no longer in use. Clicking Logout navigates the user to the page displayed in Figure 5.1-3. If the user clicks Logon, they will return to the VPN login page as shown in Figure 5.1-1. Figure 5.1-2. Custom VPN Links Example 31

Figure 5.1-3. VPN Logout Page 5.2 Client-to-LAN The VPN login page is accessed in the same manner for both the Clientless and Client-to-LAN options, by navigating in Internet Explorer to https://vpn.mfn2.myflorida.com as shown in Figure 5.1-1. If, instead of Clientless, an MFN-2 customer has ordered the Client-to-LAN option, the MFN-2 VPN concentrator will, upon successful login, attempt to automatically download and install the Cisco AnyConnect Secure Mobility Client. Initially, the system detects the client platform and begins analyzing the client device, as shown in Figure 5.2-1. In the next few minutes ActiveX and Java are detected. At this point, the user may be prompted to install an add-on as displayed in Figure 5.2-2. Click Install to accept the add-on installation. The user may be asked for permission and possibly administrator level credentials for the client device, which the user should supply. If the process is successful, the Cisco AnyConnect Secure Mobility Client application will begin downloading as shown in Figure 5.2-3. Figure 5.2-1. Cisco AnyConnect Download Process 32

Figure 5.2-2. Internet Explorer Prompt for Add-On Figure 5.2-3. Downloader In the event the user encounters a problem during the download, it is most likely due to Internet Explorer not trusting the VPN concentrator website. If this happens, the user will see the message shown in Figure 5.2-4. If there is no issue and the process is successful, the user will see a successful connection as shown in Figure 5.2-9. IN CASE OF A SECURITY ERROR: Click OK to close the dialog. Next, click the Tools menu and then click Internet Options as shown in Figure 5.2-5. Click the Security tab and then click Trusted Sites and then the Sites button as shown in Figure 5.2-6. Click Add to add the https://vpn.mfn2.myflorida.com site as shown in Figure 5.2-7 and click Close, and then click OK. Refresh the screen and start the process again. Figure 5.2-4. Download Error 33

Figure 5.2-5. Internet Explorer Internet Options Figure 5.2-6. Trusted Sites 34

Figure 5.2-7. Add Trusted Site Eventually, the Cisco AnyConnect Secure Mobility Client Downloader will begin installing the application as shown in Figure 5.2-8. The AnyConnect client should automatically connect and display as shown in Figure 5.2-9 and Figure 5.2-10. With the Client-to-LAN option, the user is not directed to any particular website as with the Clientless option. Instead, users navigate to their resources on their own. Figure 5.2-8. Installation 35

Figure 5.2-9. Connection Established Figure 5.2-10. VPN Disconnect To disconnect from the VPN, click the Disconnect button. Once disconnected from the Cisco AnyConnect Secure Mobility Client, the user will reconnect to the VPN by clicking the Cisco AnyConnect icon in the Windows Tray and clicking Connect as shown in Figure 5.2-11. Enter the Username and PIN + token code as shown in Figure 5.2-12. 36

Figure 5.2-11. VPN Reconnect Figure 5.2-12. Use PIN + Token for Password End of Customer Portal/Password Management/VPN Reference Guide 37

CUSTOMER PORTAL REQUEST FORM A-1

A-2

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback