
What is Secure VPN and how to configure it in Aether products

Information applies to:

Products
Panda Adaptive Defense 360
Panda Adaptive Defense 360 on Aether Platform
Panda Adaptive Defense on Aether Platform

The security configuration for VPN connections provides an extra layer of security in the connections established between remote user computers and corporate networks through VPN.

The computer that wants to connect to the network through VPN must meet a number of conditions for the Firebox to allow access. If it does not meet them, access is denied.

The agent installed on the computer is responsible for gathering and sending the information that the Firebox needs to perform the checks.

For more information about the Firebox and its VPN connection settings, see https://www.watchguard.com/help/docs/help-center/es-xl/Content/en-US/Fireware/services/tdr/tdr_host_sensor_enforcement.html

Requirements
Before you can use security protection for VPN connections with the Firebox, your computer must meet the following requirements:

  • Have the protection installed and active.
  • Have a valid account ID and authentication key.
  • Operating system: Windows 8.1 or higher and macOS High Sierra 10.13 or higher.
  • Ports: For the security protection for VPN connections to work properly, the agent installed on the computer requires port 33000 for its communication with the Firebox.
  • Activated and running advanced hardening or lock mode protection.
  • Activated and running antivirus protection is also considered valid.

The Secure VPN connections feature is not supported on Linux and macOS operating systems. When you enable this functionality, computers running these operating systems or versions earlier than Windows 8.1 will not be able to connect to the VPN.
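When a computer is denied VPN access, the operating system and port requirements above can be checked from the endpoint itself. The following script is an added example, not WatchGuard or Panda code. It assumes that port 33000 is TCP and that the agent accepts connections on it; the function names are hypothetical.

```python
import platform
import socket

AGENT_PORT = 33000        # port from the requirements list; TCP is an assumption
MIN_WINDOWS = (6, 3)      # Windows 8.1 reports kernel version 6.3


def parse_version(text):
    """Turn '10.0.19045' into (10, 0, 19045); stop at the first non-numeric part."""
    parts = []
    for piece in text.strip().split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)


def windows_version_ok(version_text):
    """True when the reported Windows version is 8.1 (6.3) or higher."""
    version = parse_version(version_text)
    return len(version) >= 2 and version[:2] >= MIN_WINDOWS


def tcp_port_open(host, port, timeout=2.0):
    """True when a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:       # refused, filtered (timeout) or unreachable
        return False


def preflight(host="127.0.0.1", port=AGENT_PORT, system=None, version_text=None):
    """Check the OS and port requirements; os_ok is None on non-Windows hosts."""
    system = system or platform.system()
    version_text = version_text or platform.version()
    os_ok = windows_version_ok(version_text) if system == "Windows" else None
    return {"os_ok": os_ok, "agent_port_open": tcp_port_open(host, port)}


if __name__ == "__main__":
    for check, result in preflight().items():
        print(f"{check}: {result}")
```

Run it on the endpoint with the default host, or pass the endpoint's address as `host` from a machine on the Firebox side to see whether a local firewall is filtering the port.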

Requirements check
When the computer tries to connect to the corporate network through a VPN, the Firebox performs the following actions:

  • TDR host sensor enforcement on the Firebox is enabled.
    • Record the host sensor enforcement unique identifier (UUID) and authentication key.
  • Requests information about the status of the protection installed on the computer.
  • Checks that the account UUID and authentication key are valid. Both are available in the configuration of the Firebox that is used to connect to the VPN.
  • Confirms that the computer's operating system is valid by comparing it with the configured ones.
  • Confirms that the computer has endpoint protection installed and running, with Advanced Protection in hardening or lock mode or with Antivirus enabled.

If all checks are positive, the Firebox allows the computer access to the corporate network through the VPN; otherwise, it denies access.

By default, computers have security compliance enforcement turned on to connect to VPN through the Firebox.

Access to security settings for VPN connections
To turn on security for VPN connections, follow these steps:
  1. Click Network Services in the side menu.
  2. In the top tab menu, click VPN Security.

  3. To turn protection on, turn on the slider.
  4. Enter the UUID of the account and the authentication key.
  5. Click the Save Changes button.
Configure Secure VPN on the Firebox

Until the release of Fireware v12.9, you configure secure VPN for the Firebox with the TDR host sensor enforcement settings in Fireware Web UI or Policy Manager.



For information on how to configure host sensor enforcement on the Firebox, see Configure TDR Host Sensor Enforcement in Help Center.
Article number: 20221102 700130 EN
