********************* Initial Configuration ********************* AuthControl Sentry Core ======================= """""""""""" Introduction """""""""""" The AuthControl Sentry Core is the considered to be the engine of the product. It is involved in all aspects of authentication processing, configuration and day to day security operations such as user administration, log viewing and activity reporting. """"""""""""""""""""" Functionality Summary """"""""""""""""""""" * Product Licensing * Authentication configuration and processing via XML API or RADIUS * Messaging configuration and processing e.g. SMTP, SMS, Push Notifications * Policy configuration and processing * LDAP / Active Directory configuration and sychronisation * Hard Token administration * Mobile App soft token administration * User account administration * Database migration * Reporting * Logging """"""""""""""""""""" Accessing the Web GUI """"""""""""""""""""" In your Web Browser, open the URL to the AuthControl Sentry Core, substituting the IP address you configured during the initial deployment: :strong:`https://:8080/sentry` To login to the AuthControl Sentry Core web GUI you will need the default login credentials: .. csv-table:: :header: "Username", "Default PIN" :widths: 20,40 "admin", "1234" .. WARNING:: Do not enter the PIN number into the OTC field (this is a common assumption). You will need to encipher the PIN using the PINsafe protocol as shown below (don't worry, this is easier than it sounds). .. image:: images/InitialConfig/2020-05-04_14-50-22.png How to extract the PIN from the Turing image: * First, enter the username. This is required before you can start a login session; * Next, click the 'Start Session' button to display a Turing image. * Encipher your PIN using the Turing image. Your PIN corresponds to the top row of the image and your One Time Code (OTC) corresponds to the bottom row * So, in the example below, the PIN '1234' would encipher to the One Time Code (OTC) of '4571'. .. image:: images/InitialConfig/2020-05-04_15-39-18.png * Remember that each time you login the Turing image will be different and you will need to encipher your PIN each time, using the numbers on the bottom row. .. image:: images/InitialConfig/2020-05-04_15-29-21.gif You may find this challenging to use at first, but it will get easier with further use. The Turing image is one of our patented login methods, unique to Swivel Secure, and you will be able to deploy this authentication method for your login integrations. .. HINT:: It is recommended that you change the admin user PIN as soon as possible after deployment. """""""""""""""""""""""" Applying the License Key """""""""""""""""""""""" The license key is used to retrieve your software entitlements via our License Key Server and requires online connectivity. However, if online connectivity is not available on the network segment where the Swivel appliance has been deployed, then you can request the 'License Info' key, which is a much longer key that contains all of the encoded license entitlements within it. Online Mode """"""""""" To proceed with Online Mode, you will need: * Site ID * License key * AuthControl Sentry Core access Login to the AuthControl Sentry Core web GUI. Click Server -> Name. Paste in your 10-digit Site ID and click 'Apply'. .. image:: images/InitialConfig/2020-05-04_16-07-08.png Then click Server -> License. Paste your License key into the 'License key' field, set the Online dropdown to 'Yes' and click 'Apply'. .. image:: images/InitialConfig/2020-05-04_16-33-18.png The license key will then be applied. If you are successful you will receive a similar green coloured info banner confirming the successful download of the license entitlements: .. image:: images/InitialConfig/2020-05-04_16-40-15.png You will also be able to see that the Licensed users value has increased on the Status screen. If license application fails for Online mode, please ensure that you have the following firewall rule open from the segment where the Swivel appliance is deployed: .. csv-table:: :header: "Source", "Destination", "Port", "Protocol", "Description" :widths: 20,20,20,20,20 "AuthControl Sentry", "ssd.swivelsecure.net", "443", "TCP", "License retrieval" Alternatively, if you do not intend to open the firewall up to the outside world, you may retrieve the longer 'License info' key from an online machine manually as described in the next section. Offline Mode """""""""""" To proceed with Offline Mode, you will need: * Site ID * License key * AuthControl Sentry Core access Login to the AuthControl Sentry Core web GUI. Click Server -> Name. Paste in your 10-digit Site ID and click 'Apply'. .. image:: images/InitialConfig/2020-05-04_16-07-08.png Construct the following URL in your Web Browser address bar, replacing the part with your license key: :strong:`https://ssd.swivelsecure.net/slksext/licence/` :emphasis:`e.g. https://ssd.swivelsecure.net/slksext/licence/a23f12a4-a140-40a1-a1a1-aaaa1a01aa1a` The server response will be a very long encoded string of random characters. Copy the entire output from the Web Browser into the clipboard, ready to paste into the Core. .. image:: images/InitialConfig/2020-05-04_17-29-13.png Then click Server -> License. Paste this very long encoded string into the 'License info' field, set the Online dropdown to 'No' and click 'Apply'. .. image:: images/InitialConfig/2020-05-04_17-21-14.png AuthControl Sentry SSO Web GUI ==============================