By default, the communication protocol used between the DualShield computer logon client and agent is a custom application-level protocol on top of TLS, similar to how HTTPS protocol works. Although its security level is regarded to be on the same level as HTTPS, some customers find that using a custom protocol is inconvenient (as they would have to set up special firewall rules if they plan to implement the DualShield Computer Logon system for offsite logins, for instance), or is not compliant with their security policies. Therefore, a new option is added to allow customers to configure the DualShield computer logon solution to work on the HTTPS protocol. To use the HTTPS protocols, you need to install an addon called Chisel. Chisel is a fast TCP/UDP tunnel, transported over HTTP and secured via SSH. (Please note, although Chisel is a popular open source project used by many products, some Antivirus software might falsely flag it as malware).
The Chisel addon needs to be installed on both ends, on the computer logon agent machine and the computer logon client machine. You can secure communication by installing the Chisel Add-on which allows Secure SSL communication via port 12843.
There are two installation files that you need to download from https://support.deepnetsecurity.com/visit.asp?pg=download/dualshield
Image Added
Image AddedImage Removed
The "computer-logon-chisel-agent-addon-installer will need installer" is for the logon agent. It needs to be installed on the same machine you have installed the Computer Logon agentAgent.
The "windows-computer-logon-chisel-client-addon-installerwill need " is for the logon client. It needs to be installedon all the machines which are protected by the Computer Logon Client.
Expand |
---|
title | Install the Chisel Agent add-on |
---|
|
...
Section |
---|
|
column |
Run the computer-logon-chisel-agent-addon-installer-x.x.xx.xxxx.msi file and follow the on-screen prompts | Column |
---|
| Panel |
---|
| #9EBEE5 | #f0f0f0 | borderWidth | 1px | Image Removed |
|
Click on Image Removed on the top right.
...
...
In the new Logon Procedure window, please enter the following information:
...
Click: Save
...
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed |
Add Logon Steps
Include Page |
---|
| Install the Chisel Agent add-on |
---|
| Install the Chisel Agent add-on |
---|
|
|
|
Expand |
---|
title | Install the Chisel Client add-on |
---|
|
Section |
---|
|
Column |
---|
Select the drop down menu corresponding to the Logon Procedure you will be using and click on Logon Steps. |
Column |
---|
width | 50% |
---|
Panel |
---|
| #9EBEE5 | #f0f0f0 | borderWidth | 1px | Image Removed |
|
In the Logon Steps Dialogue box, click the Image Removed button.
...
Column |
---|
Tick the desired authentication method, e.g. Static Password |
...
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed |
Click Save.
...
Column |
---|
I have added two steps; Static Password and One-Time Password |
...
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed |
Create an Application
...
Column |
---|
Authentication> Applications |
...
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed |
Click on Image Removed on the top right.
...
...
In the new Application window, please enter the following information:
...
Select the Logon Procedure you had created in the previous step
| Install the Chisel Client add-on |
---|
| Install the Chisel Client add-on |
---|
|
|
|
Click: Save
...
Panel |
---|
borderColor | #9EBEE5 |
---|
bgColor | #f0f0f0 |
---|
borderWidth | 1px |
---|
|
Image Removed |
Bind the Application to an SSO Server Agent