From the DualShield's point of viewDualShield Server perspective, Parallels (2X) Remote Remote Application Server (RAS) is an authentication agentAgent. In order for Parallels (2X) server Server to work with DualShield server, you need to first Server, you must register your Parallels (2X) server Server with your DualShield serverServer.
First, enable the Agent Auto Registration function in your DualShield server. In the DualShield Management Administration Console, select navigate to "Authentication | Agents" and , then click the "Auto RegistrationAUTO REGISTRATION" button on the tool bar:
You may want to enable the "Check IP" option for extra security.
in the toolbar.
Select the "Enabled" tickbox, to allow registration of Agents.
You can specify a start and end date, including where registration would be possible. With no dates specified, the allowance will remain ongoing.
For added security, you can specify the IP Address(es) of the remote system that will register the Agent with DualShield, preventing any other remote appliance from registering automatically.
Finally, click "SAVE" to update settings.
Log in to Log into your Parallels (2X) Remote Application Remote Application Server Console
Select "Connection" on the left pane.
Select the "Second Level Authentication" tab.
...
Click
...
on the '+' button on the top right
Select Deepnet DualShield from the dropdown
Fill in the name of the MFA Provider and click Next
...
In the "Server" enter the FQDN or IP of your DualShield Authentication Server.
Select "Enable SSL" if your DualShield Server is installed to operate on SSL mode.
Click "
...
Check Connection".
9. IMPORTANT: IGNORE 'DEEPNET SERVER NOT VALID' MESSAGE. Just click Yes heand
...
the DualShield 2X Agent will be registered.
...
Click "OK", you will see the following message box:
...
Click "OK".
Click "Next"
On the next screen click on the ellipses to the right of Application, then double-click the Application you created in Parallels DualShield Configuration from the list of applications
If the machine, hosting Parallels RAS is domain joined, the Default domain should auto-populate.
Next, set the Authentication Mode. There are three options to choose from the drop-down menu.
Mandatory for all users
If this option is enabled, then two-factor authentication is required for all users.
Create tokens for domain-authenticated users
If this option is enabled, then the Parallels (2X) Application Server will ask the DualShield Authentication Server to create a specified token type for user as soon as the user’s domain credential, i.e. AD password is successfully verified.
Use only for users with a Deepnet Account
(This option is deprecated and you do not need to use)
It is recommended that you keep the default Mandatory for all users (seeing as auto-provisioning of tokens can be set on the DualShield Admin Console see Provision MobileID tokens automatically to users)
Click Finish