- Supports multi-factor user authentication for RADIUS-compliant devices and applications..
- It works integrated with MS Active Directory server, LDAP server and other identity servers for fixed username and password verification.
- Also supports SMS, Mail and Smart OTP
- and more features.
- Risks from using fixed username and password
- Remote access to the corporate network allows staff and business partners to work as if they were in the corporate office, thus saving time and transport.
- Remote access is through dangerous networks and areas that are not physically subject to adequate access controls.
- Therefore, the access information used during access (user code and password information) is likely to be captured by potential attackers.
- In all critical accesses with fixed user code and password, there is a possibility that this information, which does not change (or at least has not been changed for a certain period of time), may be seized.
- With multi-factor authentication controls, the number of factors that need to be used for access increases, and the risk of unauthorized access is reduced as the probability of all this information being obtained by potential attackers is reduced.
- In addition, the use of a One Time Password (OTP) for each access will be greatly reduced, even if it is stolen, when the validity of this information is used or it is lost within a limited time frame.
BTROTP ISO IMAGE INSTALLATION
Virtual Machine Features:
It is recommended to install a server with minimum capacity of 20 GB, 2 Cores and 4 GB Ram.
Definitions specified in the following steps COMPLETE and FALSE should be careful not to have.
- IP Address Definition:
- XXX.XXX.XXX.XXX (Static IP must be defined)
- Netmask Address Definition:
- (A) Class : 255.0.0.0
- (B) Class : 255.255.0.0
- (C) Class : 255.255.255.0
- Gateway Address Definition:
- DNS Address Definition:
- There should be a space between DNS addresses.
WEB UI SETTINGS:
http(s)://XXX.XXX.XXX.XXX (Statically specified IP address must be entered through the browser.)
User Name: admin
Password: (entries can be made with a random password at first logon)
- Specifying a password
- Specifying an e-mail address
WEB UI OVERVIEW
SETTINGS
- Email Settings:
- Open Relay
- Authencation
- Active Directory Settings (AD):
SOFT OTP SETTINGS
- Email Content Settings:
- QR Code Content Settings:
- SMS OTP Settings:
- SMS API Settings (your specified SMS service provider is added to the system)
- TOKEN OTP Settings:
- License Settings:
- Generate license code
- License identification
ADVANCED SETTINGS
- Notification Settings:
- Session Timeout Settings:
- Syslog Settings:
- LDAP/RADIUS Settings:
- Local Password Policy:
- Language settings:
USERS
- Add User
When we click the Add User + button above, a window like the one below opens.
- General OTP Type Selection
- 2 Factor Authentication
After selecting “2 Factor Authentication” field, a window like the following appears.
If the user is in AD, the “AD user” field should be selected or if it is requested to be done via BTR OTP, the "Local User ” field should be selected.
- AD User:
- Add User from AD Server:
- Add Manual AD User:
- Local User:
If "Local User” field is selected, the window as below will appear.
- Local User Definition:
After completing the above fields, click the next button and the following window appears.
- Smart OTP Type Selection:
In the window above, there are SMS OTP, SOFT OTP, EMAIL OTP and TOKEN OTP options. One of the above fields should be selected if access to the related fields is provided.
- E-mail Address Definition:
E-mail address of the user must be entered as requested in the above window.
- Information E-mail (s) or SMS (s):
E-mail address of the person (s) to be notified can be entered in the above window. (If you will be notified by SMS, you should make sure that SMS settings are made.)
- Time Restriction:
In the above field, you can restrict the user's VPN access. Time constraint When Yes is selected, the following window appears.
After the time limit of the relevant user is applied/not applied, when we click the next button, the following window appears.
- Summary Information Screen:
The above window contains a summary of the information we have entered for the user concerned. Once the information has been checked, click Save and add the relevant user.
- Only OTP:
- User Name:
- OTP Selection:
- Users and System LOGs
SOFT OTP E-Mail Example:
An Alphanumeric key and QR Code have been sent for the One-Time Password as shown in the picture below.
NOTE: One-Time Password is generated by Alphanumeric or QR Code contained in this E-Mail.
Recommended Mobile Applications:
“Authenticator” from AppleStore or PlayStore to generate a One-Time Password or any of the "Duo Mobile" applications, download the following QR Code or enter the Alphanumeric key.
SUPPORTED FIREWALL DEVICES
(Will be added as simulated)