Home
SafeLinx Administrator
The SafeLinx Administrator is a Java application that lets administrators configure, monitor, and maintain the resources of one or more SafeLinx Servers.
Configuring for security
SafeLinx includes options for configuring security.
Using RADIUS authentication profiles
You can control how clients are authenticated using third-party configuration properties in RADIUS authentication profiles.

SafeLinx Administrator
The SafeLinx Administrator is a Java application that lets administrators configure, monitor, and maintain the resources of one or more SafeLinx Servers.
- Controlling resources and organizational units
  SafeLinx gives you control over all resources and organizational units.
- Customizing network configuration
  SafeLinx lets you customize your network configuration.
- Configuring for security
  SafeLinx includes options for configuring security.
  - Configuring TLS certificates
    You can configure different components of the SafeLinx Server to use Transport Layer Security (TLS) to secure their communications.
  - Using Certificate-based authentication profiles
    You can control how clients are authenticated using third-party configuration properties in certificate-based authentication profiles.
  - Using LDAP-bind authentication profiles
    You can control how clients are authenticated using third-party configuration properties in LDAP-bind authentication profiles.
  - Using RADIUS authentication profiles
    You can control how clients are authenticated using third-party configuration properties in RADIUS authentication profiles.
  - Using device identification with SafeLinx Clients
    Some devices have serial numbers that are associated with their hardware, which can be used for identification. Users who connect through the SafeLinx Client that is configured for Password key exchange can have an extra level of security by taking advantage of these device identifiers.
  - Configuring users to be authenticated using only RADIUS
    You can configure the SafeLinx Client to be authenticated using RADIUS.
  - Configuring users to be authenticated using only LDAP-bind
    You can configure the SafeLinx Client to be authenticated using LDAP-bind.
  - Configuring users to be authenticated using certificate-based authentication
    You can configure a SafeLinx Server to connect by using certificate-based authentication.
  - Limiting the client logon to a specific class of devices
    You can limit the SafeLinx Clients that are permitted to log on to the SafeLinx Server by device class. This capability is a security feature of the connection profile that is assigned to the mobile network connection (MNC) to which the client logs in. How devices are identified depends on the operating system of the SafeLinx Client.
  - Configuring a restricted session for Windows integrated logon
    When you configure the SafeLinx Client to use the Windows integrated logon, you can choose to offer these clients access to a restricted session.
- Managing administrators
  SafeLinx provides the tools to manage administrators.
- Managing users
  SafeLinx provides the tools to manage users.
- Troubleshooting problems
  SafeLinx helps you troubleshoot problems.
- What is...
  SafeLinx Administrator Help identifies and clarifies necessary topics.

Using RADIUS authentication profiles

You can control how clients are authenticated using third-party configuration properties in RADIUS authentication profiles.

About this task

To configure a SafeLinx Server to connect using RADIUS, or a combination of methods, create an authentication profile or profiles, then assign them to a connection profile or HTTP access service.

Procedure

Click the Resources tab.
Right-click the OU in which you want to create an authentication profile.
Create an authentication profile. Select Add Resource > Authentication profile > RADIUS.
If this is a connection profile for connection with SafeLinx Clients, determine if they should receive an additional challenge for authentication. If this option is not selected, the SafeLinx Client user account is passed to the RADIUS server. Then, edit the properties of the SafeLinx Server. Review the port number of the SafeLinx Server that listens for RADIUS servers. All RADIUS servers use the same port and shared secret.
Determine if you want to enable lightweight third-party authentication (LTPA) and single sign-on (SSO). If so, specify the realm (or domain) to encode in the token, attribute to encode in the token, lifetime in minutes of the LTPA token, the SSO domain , and whether SSO should use transport layer security (TLS) connections only.
Assign the authentication profile to the resource that uses it.
Edit the properties of the connection profile or HTTP access services. Click the Security tab, then select the Authentication profile that you want.
When all verifications that are configured pass, the SafeLinx Server finalizes the SafeLinx Client login.

Rate this topic

5 stars 4 stars 3 stars 2 stars 1 star

Comment on this topic.

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners immixGroup, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box. Note: To report a problem or question about the product software, do not use this form. Instead, go to the HCL Software Support site.