Page History

By default, the communication protocol used between the DualShield computer logon client and agent is a custom application-level protocol on top of TLS, similar to how HTTPS protocol works. Although its security level is regarded to be on the same level as HTTPS,  some customers find that using a custom protocol is inconvenient (as they would have to set up special firewall rules if they plan to implement the DualShield Computer Logon system for offsite logins, for instance), or is not compliant with their security policies. Therefore, a new option is added to allow customers to configure the DualShield computer logon solution to work on the HTTPS protocol. To use the HTTPS protocols, you need to install an addon called Chisel. Chisel is a fast TCP/UDP tunnel, transported over HTTP and secured via SSH. (Please note, although Chisel is a popular open source project used by many products, some Antivirus software might falsely flag it as malware). 

The Chisel addon needs to be installed on both ends, on the computer logon agent machine and the computer logon client machine. 

Communication between the Communication Logon Client and DualShield Authentication  Server is done via the Computer Logon Agent, however, the default Communication port 12841 between DualShield Logon Client and DualShield Logon Agent is not secure.

You can secure communication by installing the Chisel Add-on which allows Secure SSL communication via port 12843.

There are two installation files that you need to download from https://support.deepnetsecurity.com/visit.asp?pg=download/dualshield

Image Added

Image AddedImage Removed

The "computer-logon-chisel-agent-addon-installer will need installer" is for the logon agent. It needs to be installed on the same machine you have installed the Computer Logon agentAgent.

The "windows-computer-logon-chisel-client-addon-installer installer" is for the logon client. It needs to be installedon all the machines which are protected by the Computer Logon Client.