Deployment 1: Compact
In this compact deployment, both the DualShield Authentication Server (DAS) and the DualShield RADIUS Server (DRS) are installed and operating on one single server machine that resides in the corporate network.
Deployment 2: Extended
In this extended deployment, the DualShield Authentication Server (DAS) is installed on a server machine that resides in the corporate network, and the DualShield RADIUS Server (DRS) is installed on a server machine that resides in the DMZ.
Ports & Protocols
| Port | Protocol | Function | Comment |
|---|---|---|---|
| 1812 | UDP | RADIUS authentication | |
| 1813 | UDP | RADIUS accounting | Optional in most cases |
| 8090 | TCP | RADIUS management | Used by the DualShield Authentication Server to manage the RADIUS server |
| 389 | LDAP | Used in communication between DualShield Authentication Server and AD server | |
| 636 | LDAPS | Used in communication between DualShield Authentication Server and AD server |
Deployment 1: Compact
In this compact deployment, the DualShield All-in-One Server that includes both the SSO Server and Authentication Server resides in the corporate network.
Deployment 2: Extended
In this extended deployment, the DualShield platform is split into two servers, the front-end SSO Server that reside in DMZ, and the backend Authentication Server that resides in the corporate network.
Ports & Protocols
Port | Protocol | Function | Comment |
|---|---|---|---|
| 8074 | TCP | DualShield SSO Server working port | Secure SSL |
| 8071 | TCP | Communication between DualShield SSO Server and DualShield Authentication Server | Secure SSL |
| 389 | LDAP | Communication between DualShield Authentication Server and AD Server | |
| 636 | LDAPS | Communication between DualShield Authentication Server and AD Server | Secure SSL |
Deployment 1: Compact
In this compact deployment, both the DualShield Authentication Server (DAS) and the Exchange server reside in the corporate network.
Deployment 2: Extended
In this extended deployment, the DualShield platform is split into two servers, the front-end SSO Server that reside in DMZ, and the back-end Authentication Server that resides in the corporate network.
Ports & Protocols
Port | Protocol | Function | Comment |
|---|---|---|---|
| 8074 | TCP | Communication between DualShield IIS Agent and DualShield SSO Server | Secure SSL |
| 8075 | TCP | Communication between DualShield IIS Agent and DualShield SSO Server | Secure SSL |
| 8071 | TCP | Communication between DualShield SSO Server anf DualShield Authentication Server | Secure SSL |
| 389 | LDAP | Communication between DualShield Authentication Server and AD Server | |
| 636 | LDAPS | Communication between DualShield Authentication Server and AD Server | Secure SSL |
Deployment 1: Compact
In this compact deployment, both the DualShield Authentication Server (DAS) and the Exchange server reside in the corporate network.
Deployment 2: Extended
In this extended deployment, the Exchange system is split into two servers, the front-end Edge Transport Server that resides in DMZ, and the backend Mailbox Server that resides in the corporate network.
The DualShield platform is also split into two servers, the front-end SSO Server that resides in DMZ, and the backend Authentication Server that resides in the corporate network.
Ports & Protocols
Port | Protocol | Function | Comment |
|---|---|---|---|
| 8074 | TCP | Communication between DualShield IIS Agent and DualShield SSO Server | Secure SSL |
| 8075 | TCP | Communication between DualShield IIS Agent and DualShield SSO Server | Secure SSL |
| 8071 | TCP | Communication between DualShield SSO Server and DualShield Authentication Server | Secure SSL |
| 389 | LDAP | Communication between DualShield Authentication Server and AD Server | |
| 636 | LDAPS | Communication between DualShield Authentication Server and AD Server | Secure SSL |
Related Articles
Deployment 1: Compact
In this compact deployment, both the DualShield Authentication Server (DAS) and the DualShield Logon Agent are installed and operating on one single server machine that resides in the corporate network.
Deployment 2: Extended
In this extended deployment, the DualShield Authentication Server (DAS) is installed on a server machine that resides in the corporate network, and the DualShield Logon Agent is installed on a server machine that resides in the DMZ.
Ports & Protocols
| Port | Protocol | Function | Comment |
|---|---|---|---|
| 14292 | HTTP | Communication between DualShield Logon Client and DualShield Logon Agent | |
| 14294 | HTTPS | Communication between DualShield Logon Client and DualShield Logon Agent | Secure SSL |
| 8071 | HTTPS | Communication between DualShield Logon Agent and DualShield Authentication Server | Secure SSL |
| 389 | LDAP | Communication between DualShield Authentication Server and AD Server | |
| 636 | LDAPS | Communication between DualShield Authentication Server and AD Server | Secure SSL |
Related Articles
Deployment 1: Compact
In this compact deployment, both the DualShield Authentication Server (DAS) and the DualShield Logon Agent are installed and operating on one single server machine that resides in the corporate network.
Deployment 2: Extended
In this extended deployment, the DualShield Authentication Server (DAS) is installed on a server machine that resides in the corporate network, and the DualShield Logon Agent is installed on a server machine that resides in the DMZ.
Ports & Protocols
| Port | Protocol | Function | Comment |
|---|---|---|---|
| 12841 | TCP | Communication between DualShield Logon Client and DualShield Logon Agent | Secure SSL |
| 8071 | HTTPS | Communication between DualShield Logon Agent and DualShield Authentication Server | Secure SSL |
| 389 | LDAP | Communication between DualShield Authentication Server and AD Server | |
| 636 | LDAPS | Communication between DualShield Authentication Server and AD Server | Secure SSL |