ISL01: Transparently Authenticating Tablets, Smartphones and Laptops with Symantec Managed PKI Service

Similar documents
ipad authentication with Symantec MPKI and Active Sync connections

Deliver and manage customer VIP POCs. The lab will be directed and provide you with step-by-step walkthroughs of key features.

Comodo Device Manager Software Version 4.0

Symantec Managed PKI. Integration Guide for ActiveSync

Duo Security Enrollment Guide

Windows Smart Card Logon Use Case

Virtua Dual Authentication Entrust IdentityGuard Enrollment

Connecting Devices to the PSD-BYOD Network

ReACT New User Setup, Password Reset and Account Unlock Instructions

HHS ENTERPRISE PORTAL

Bechtel Partner Access User Guide

Remote Access Application Viewer User Guide. Version 2.5

REVIEWERS GUIDE NOVEMBER 2017 REVIEWER S GUIDE FOR CLOUD-BASED VMWARE WORKSPACE ONE: MOBILE SINGLE SIGN-ON. VMware Workspace ONE

Remote Access Application Viewer User Guide. Version 2.3

Getting Started with Duo Security Two-Factor Authentication (2FA)

IC L19 - Consolidate Information from across your Infrastructure to create a custom report for PCI DSS Hands-On Lab

Should you encounter any issues or have questions as you go through this registration process, please send an to:

Organizing Your Network with Netvibes 2009

Two-Factor Authentication User FAQ s

Pulse Workspace Appliance. Administration Guide

Energy Trading System (ETS) Training Environment User Access Enrolment Procedures

Multi-Sponsor Environment. SAS Clinical Trial Data Transparency User Guide

IC121-End-to-End Virtual Security Hands-On Lab

isupplier Portal Registration & Instructions Last Updated: 22-Aug-17 Level 4 - Public INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL

Security Cooperation Information Portal

VMware Workspace ONE UEM Apple tvos Device Management. VMware Workspace ONE UEM 1811 VMware AirWatch

Digital Certificate Service (DCS) - User Guide

Duo Security Enrollment Guide

BYOD Foundation Service. User Guide for ios v1.5

IS L02-MIGRATING TO SEP 12.1

Accessing Positive Networks on an ipad/iphone

User Guide: Adding a Device in Duo and Managing Settings

MyFloridaNet-2 (MFN-2) Customer Portal/ Password Management/ VPN Reference Guide

goremote.carolinas.org

UP L12: Still on SEP 11? Let us show you how to simplify migration to SEP.

The purpose of this document is to help you to get started with your ipad to access Lilly resources such as , calendar, Lilly apps and more.

Remote Access Installation

Symantec Managed PKI. Integration Guide for AirWatch MDM Solution

Registering an ipad for Duo Two-Factor Authentication

VMware AirWatch tvos Platform Guide Deploying and managing tvos devices

Symantec Mobile Management 7.1 Implementation Guide

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

Authentication Options

a) Log in using your credentials. Your User Name will be your address. Enter Password and click <Log On>

VMware Workspace ONE UEM Integration with Apple School Manager

Two-Factor Authentication for Q-Port

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Outlook 2010 Exchange Setup Guide

Integration with Apple Configurator 2. VMware Workspace ONE UEM 1902

Fingerprint Authentication Guide

GRS Enterprise Synchronization Tool

Virtua Dual Authentication Entrust IdentityGuard Enrollment

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

TIS/App Delivery Mobility Job Aid: Install and Configure Microsoft Outlook on Your iphone. Overview. Job Aid: Outlook for Mobile - iphone

Remote Access. Application Viewer User Guide

AirWatch Container. VMware Workspace ONE UEM

Administering Workspace ONE in VMware Identity Manager Services with AirWatch. VMware AirWatch 9.1.1

Table of Contents. VMware AirWatch: Technology Partner Integration

GlobalSign Enterprise Solutions

Module 3 Remote Desktop Gateway Estimated Time: 90 minutes

NextMD Patient Portal Guide

VMware AirWatch Certificate Authentication for EAS with ADCS

Two-Factor Authentication for Q-Port

Comodo IT and Security Manager Software Version 5.4

Table of Contents HOL-1757-MBL-6

Comodo IT and Security Manager Software Version 6.6

SelfService Portal. Step By Step Documentation. This document will show you how to enroll your user account to the SelfService Portal

WDC RDS Connection for Android Users

Get Qualified User Manual

Comodo LoginPro Software Version 1.0

Sync User Guide. Powered by Axient Anchor

Workspace Secure Container for Mobile Devices

The Kindred Directory allows you to search for employees and locations across all of our lines of business.

TPS ISS ipad Setup Process. Setup your mobile Device

NCI s Learning Management System (LMS) Instructor-Led Training (ILT) Learner Guide

Microsoft Remote Desktop setup for OSX, ios and Android devices

VMware AirWatch Self-Service Portal End User Guide

Comodo IT and Security Manager Software Version 6.4

User Guide My Account

JCCC Virtual Labs. Click the link for more information on installing on that device type. Windows PC/laptop Apple imac or MacBook ipad Android Linux

Hosted Microsoft Exchange Client Setup & Guide Book

Google Sync Integration Guide. VMware Workspace ONE UEM 1902

WINDOWS HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your PC or Server

Media Writer. Installation Guide LX-DOC-MW5.1.9-IN-EN-REVB. Version 5.1.9

Comodo IT and Security Manager Software Version 6.9

Archive to the Cloud: Hands on Experience with Enterprise Vault.cloud

Getting ready to set up. Step 1 Step 2. Note:

Voic Instructions

Two-Factor Authentication (2FA) Registration Instructions Symantec VIP Access

FAQ. General Information: Online Support:

Faculty Guide to e-campus Uploading and Submitting Grades University of Rhode Island Office of Enrollment Services

/ 1. Online Banking User Guide SouthStateBank.com / (800)

JOB AID ADDING MAAS360 TO AN APPLE IOS DEVICE

VMware AirWatch Google Sync Integration Guide Securing Your Infrastructure

EM L23 - Implementing Client and Server Management with Site Services Hands-On Lab

Credential Reporting and Housing System Instructions

i>clicker GO Student Manual

Anchor User Guide. Presented by: Last Revised: August 07, 2017

/ 1. Online Banking User Guide SouthStateBank.com / (800)

Lifespan Guide for installing and using Multi-Factor Authentication (MFA)

Transcription:

ISL01: Transparently Authenticating Tablets, Smartphones and Laptops with Symantec Managed PKI Service Hands-On Lab Description In this session, you will take a free test drive of Symantec Managed PKI Service; issue a certificate to a device and automatically configure the device/application for authentication to an enterprise Bring Your Own Device (BYOD) initiative specifically for ActiveSync communication to an Exchange email system. The BYOD lab will support iphones (3rd and 4th generation running ios 4 or 5) and ipads (1st and 2nd generation ipads running ios 4 or 5). You may use your own ios device for the lab, or a shared device will be available for the final step. At the end of this lab, you should be able to Use Symantec Managed PKI Service to strongly authenticate users and secure the communication between mobile devices and a Microsoft Exchange server using the ActiveSync protocol.

Notes A brief presentation will introduce this lab session and discuss key concepts. The lab will be directed and provide you with step-by-step walkthroughs of key features. Feel free to follow the lab using the instructions on the following pages. You can optionally perform this lab at your own pace. Be sure to ask your instructor any questions you may have. Thank you for coming to our lab session. LAB AGENDA Lab Exercise 1: PKI Administrator - Enroll for Symantec Managed PKI Service Free Trial Quick, easy and free access to the Symantec Managed PKI Service online. 10 minutes Lab Exercise 2: PKI Administrator - Configure your MPKI account for ActiveSync Configure ActiveSync certificate profile for target device Send ActiveSync certificate enrollment email to end-user 10 minutes Lab Exercise 3: End-user - Certificate enrollment, installation, configuration and usage Device certificate enrollment, profile installation and configuration Access your Exchange mailbox 10 minutes Discuss the Microsoft Exchange server side configuration Review the MPKI ActiveSync guide for instructions on: - Trusting the issuing CA - Mapping certificates to Windows accounts 2 of 26

Lab Exercise 1: Symantec Managed PKI Service Account Setup Open a web browser on the PKI workstation, and sign into the lab email account, follows: URL: Userid: Password: http://gmail.com vision2012.usern where n is your lab group number. Symantec1 Open a new browser tab and go to: http://www.symantec.com/theme.jsp?themeid=free-trial Click the link Get Started. Fill out the entire form. For the contact details, use (where n is your lab group number) First Name Vision2012 Last Name Usernn Email Address vision2012n@gmail.com Title Other Company Vision2012 Department Labn Company Size 1 to 10 Industry Other Street Address City Square City Barcelona State Other Zip B1 Country Spain Phone Number 1234567890 3 of 26

Once you have submitted the registration form, you will be sent an email to pick-up your PKI Administrator certificate. Switch to the Gmail mailbox tab in your browser Open the email subject Test Drive account approved. 4 of 26

In the email body, click on the link labeled, Go to the link below to get your certificate: 5 of 26

You will now be instructed to install PKI client to protect the administrator certificate. Click the download link for the Windows platform you are using From the File Download dialogue, click Run and follow the instructions to install the PKI Client software. 6 of 26

After the client software is installed, you will be prompted to restart the computer. Restart Windows, and return to the Gmail pickup message Click on Install Certificate. When prompted, create a PIN to protect the certificate in the PKI Client virtual token store. 7 of 26

Do not interrupt the browser while you are generating your key pair and installing your certificate. On the certificate installation success page, click on the button labeled Log in now. 8 of 26

When prompted, choose your administrator certificate. Symantec PKI Client will prompt you for your token PIN. Enter your PIN and click Submit. Welcome to the PKI Manager dashboard. The account setup is now complete. 9 of 26

Lab Exercise 2: PKI Administrator - Configure your MPKI account for mobile device ActiveSync certificate use-case(s) Using your web browser, login to PKI Manager and click the Tasks icon for Manage Certificate Profiles. Click Add certificate profiles. 10 of 26

Select Production Mode and click Continue. Choose the Certificate template, Secure Sign-in (Test Drive) and click Continue. 11 of 26

Type a Certificate friendly name, iosactivesync, and change the Enrollment Method to ios. Click Continue. 12 of 26

Select Authentication method Enrollment Code, then check the box: Include enrollment code as part of the URL in the enrollment email. Then click Save. Click Continue. 13 of 26

Click Edit, to set the device configuration. Configure the ActiveSync settings, then click Save. Connection type Account name Exchange host Microsoft ActiveSync Vision 2012 Lab n mail.ua.tso-cloud.com 14 of 26

Certificate profile configuration is complete. 15 of 26

Send ActiveSync certificate enrollment email to end-user In PKI Manager, click the Tasks icon for Manage users and certificates. Click Add users. 16 of 26

Select the radio button for I want to add: A single user. In this wizard, we will set the Email as the user s corporate email, as this value is also used as the Seat Id. In this lab, the user s corporate email address and their Windows domain Universal Prinicpal Name (UPN) are the same. The UPN value will also be included in the certificate SubjectAltName and is used by ActiveSync to map the domain user s mailbox. Use domain user usern@ua.tso-cloud.com where n is your lab group number. Click Continue. 17 of 26

Enter the user s First Name and Last Name and click Continue. The user is added. Click Edit user details. Update the Email address. The email should be sent to an address where it can be read from the end-user device. You can use your own email address, or use the lab Gmail account used earlier. 18 of 26

Click Save. Click Enroll user for a certificate. 19 of 26

Select the appropriate Certificate profile for the end-user s device, iosactivesync. Check the box Have the system send the enrollment email to the users I m enrolling. Click Continue. Set Other Name (UPN) value to the same domain user that you chose for the Seat ID. Leave Email blank. (The Email from this page is not honored. The email will be sent to the value we set in Edit user details, in step 16.) Click Continue. 20 of 26

Click Done. 21 of 26

Lab Exercise 3: End-user - Certificate enrollment, installation, configuration and usage On your ios device (or on the shared lab ipad), open up your email messages to check for the pickup message from Managed PKI. If you are using the lab ipad, open up the email for Vision Lab Gmail n where n is your lab group number. You should see a message with the subject Enroll for your certificate. Open the message and click on the link in the message. This will show the initial enrolment page. 22 of 26

Next, you will see an identity confirmation message. Click on Continue to begin the profile installation process. On the Install Profile page, click Install. You will be asked to confirm the installation, then be prompted for your passcode. This is the same passcode used to lock your screen. 23 of 26

The ios device will now automatically generate a key, and enroll for the certificate, then install the profile. 24 of 26

Once the profile is installed, return to the mail, and navigate back to all Inboxes. You will see a new inbox for Vision 2012 Lab n. Select this inbox. The ios device will now connect to the Exchange server via ActiveSync, using the certificate provided. You should see your messages, including a Congratulations! message. This completes the lab. 25 of 26

Lab Exercise 3: Discuss the Microsoft Exchange server side configuration Download and review MPKI_ActiveSync.pdf (Also downloadable from PKI Manager Resources.) for instructions on the steps required to enable certificate based authentication for ActiveSync. Overall steps required are Trust the Issuing CA Map certificates to domain user accounts 26 of 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback