Portal Configuration

You can keep the Guardium® appliance Web server on its default port (8443) or reset the portal. We strongly recommend that you use the default port.

1. Click Setup > Tools and Views > Portal to open the Portal.
2. If it is not marked, mark the Active on Startup checkbox (this should never be disabled).
3. Set the HTTPS Port to an integer value between 1025 and 65535.
4. Click Apply to save the value. (The Guardium security portal will not start listening on this port until it is restarted.) Or click Revert to restore the value stored by the last Apply operation.
5. Click Restart to restart the Guardium Web server if you have made and saved any changes. You can now connect to the unit on the newly assigned port.
   Note: To re-connect to the unit after it has restarted with the new port number, you must change the URL used to open the Guardium Login Page on your browser.

The Guardium Portal Configuration is used to define the way user passwords are authenticated when logging into the Guardium appliance. There are three choices.

These choices are Local (Guardium Default), RADIUS or LDAP.

The Portal configuration screen under Setup > Tools and Views > Portal is used for the following:

1. To define the best way to authenticate a user password.
2. To restart GUI to reset the authentication type.

The Local connection will work when a password for a given user is defined from a login. The login is defined using the accessmgr role. By default login into the accessmgr account which has the accessmgr role. This role gives a user the ability to add or uploaded user accounts and create passwords.

When you define your username and password using the accessmgr role type, the defined password per user will be used when logging into the Guardium appliance.

The RADIUS connection allows login authentication through a radius server. The Radius/RSA server can be defined using both a password and a SecurID token number. The SecurID token numeric password is displayed via a hardware token.

The Radius/RSA server is defined on a Windows server. The security RSA SecurID token is also defined and stored on the Radius server and does not have to be downloaded in order for the Radius portal to work.

In addition, a Radius server connection can be defined using a UNIX platform. Radius is also defined as FreeRadius. User account and passwords are defined on the Radius servers and do not have to be downloaded. In order to use FreeRadius, the client (Guardium server), username and passwords are defined on the FreeRadius UNIX servers and used when the Radius Portal connection is defined.

The default portal is set to Local.

The LDAP connection will work when the password is defined and stored on a given LDAP server. In order for a user to use the LDAP portal and to login, a user account name must be imported from the LDAP server first. Use the User LDAP Import function available from the accessmgr account to define the LDAP location and then import the LDAP users. The password does not have to be uploaded.