How to Set Up HailBytes VPN Authentication

Introduction

Now that you have HailBytes VPN set up and configured, you can start exploring some of the security features HailBytes offers. You can check our blog for setup guides and VPN features. In this article, we cover the authentication methods supported by HailBytes VPN and how to add an authentication method.

Overview

HailBytes VPN offers several authentication methods besides traditional local authentication. To reduce security risks, we recommend disabling local authentication. Instead, we recommend multi-factor authentication (MFA), OpenID Connect, or SAML 2.0.

  • MFA adds an additional layer of security on top of local authentication. HailBytes VPN includes local built-in versions as well as support for external MFA for many popular identity providers such as Okta, Azure AD, and Onelogin.

  • OpenID Connect is an identity layer built on the OAuth 2.0 protocol. It provides a secure and standardized way to authenticate and obtain user information from an identity provider without having to log in multiple times.

  • SAML 2.0 is an XML-based open standard for exchanging authentication and authorization information between parties. It allows users to authenticate once with an identity provider without having to re-authenticate to access different applications.

OpenID Connect with Azure Setup

In this section, we briefly go over how to integrate your identity provider using OIDC Multi-Factor Authentication. This guide is geared towards using Azure Active Directory. Different identity providers may have uncommon configurations and other issues.

  • We recommend that you use one of the providers that have been fully supported and tested: Azure Active Directory, Okta, Onelogin, Keycloak, Auth0, and Google Workspace.
  • If you are not using a recommended OIDC provider, the following configurations are required.

          a) discovery_document_uri: The OpenID Connect provider configuration URI, which returns a JSON document used to construct subsequent requests to this OIDC provider. Some providers refer to this as the "well-known URL".

          b) client_id: The client ID of the application.

          c) client_secret: The client secret of the application.

          d) redirect_uri: Instructs the OIDC provider where to redirect after authentication. This should be your Firezone EXTERNAL_URL + /auth/oidc/ /callback/, for example https://firezone.example.com/auth/oidc/google/callback/.

          e) response_type: Set to code.

          f) scope: OIDC scopes to obtain from your OIDC provider. At a minimum, Firezone requires the openid and email scopes.

          g) label: The button label text displayed on the Firezone portal login page.

  • Navigate to the Azure Active Directory page on the Azure portal. Select the App registrations link under the Manage menu, click New Registration, and register after entering the following:

          a) Name: Firezone

          b) Supported account types: (Default Directory only - Single tenant)

          c) Redirect URI: This should be your Firezone EXTERNAL_URL + /auth/oidc/ /callback/, for example https://firezone.example.com/auth/oidc/azure/callback/.

  • After registering, open the details view of the application and copy the Application (client) ID. This will be the client_id value.
  • Open the endpoints menu to retrieve the OpenID Connect metadata document. This will be the discovery_document_uri value.

  • Select the Certificates & secrets link under the Manage menu and create a new client secret. Copy the client secret. This will be the client_secret value.

  • Select the API permissions link under the Manage menu, click Add a permission, and select Microsoft Graph. Add email, openid, offline_access and profile to the required permissions.

  • Navigate to the /settings/security page in the admin portal, click "Add OpenID Connect Provider" and enter the details you obtained in the steps above.

  • Enable or disable the Auto create users option to automatically create an unprivileged user when signing in via this authentication mechanism.

Congratulations! You should see a Sign In with Azure button on your sign in page.
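
A pre-flight check for the provider settings listed above, as an added example that is not part of the original article or of HailBytes or Firezone code. The function name, the placeholder tenant, client ID and secret values, and the assumption that a single path segment (such as azure) sits between /auth/oidc/ and /callback/ are illustrative.

```python
import re
from urllib.parse import urlparse

REQUIRED_KEYS = ("discovery_document_uri", "client_id", "client_secret",
                 "redirect_uri", "response_type", "scope", "label")
REQUIRED_SCOPES = {"openid", "email"}  # minimum the article says Firezone needs

def check_oidc_provider(cfg, external_url, discovery_doc=None):
    """Return a list of problems in one provider config (empty list = OK)."""
    problems = [f"missing {k}" for k in REQUIRED_KEYS
                if not str(cfg.get(k, "")).strip()]
    if problems:
        return problems
    if urlparse(cfg["discovery_document_uri"]).scheme != "https":
        problems.append("discovery_document_uri is not https")
    # Assumption: one path segment (e.g. "azure") sits between /auth/oidc/ and /callback/.
    pattern = re.escape(external_url.rstrip("/")) + r"/auth/oidc/[A-Za-z0-9_-]+/callback/"
    if not re.fullmatch(pattern, cfg["redirect_uri"]):
        problems.append("redirect_uri is not EXTERNAL_URL + /auth/oidc/<key>/callback/")
    if cfg["response_type"] != "code":
        problems.append("response_type must be code")
    missing = REQUIRED_SCOPES - set(cfg["scope"].split())
    if missing:
        problems.append("scope lacks " + " ".join(sorted(missing)))
    # discovery_doc is the parsed JSON fetched from discovery_document_uri, if available.
    if discovery_doc is not None and "code" not in discovery_doc.get("response_types_supported", []):
        problems.append("provider does not advertise response_type code")
    return problems

# Constructed sample values; tenant, client ID and secret are placeholders.
GOOD = {
    "discovery_document_uri": "https://login.microsoftonline.com/TENANT_ID_PLACEHOLDER/v2.0/.well-known/openid-configuration",
    "client_id": "CLIENT_ID_PLACEHOLDER",
    "client_secret": "CLIENT_SECRET_PLACEHOLDER",
    "redirect_uri": "https://firezone.example.com/auth/oidc/azure/callback/",
    "response_type": "code",
    "scope": "openid email profile offline_access",
    "label": "Azure",
}
BAD = dict(GOOD, redirect_uri="http://firezone.example.com/auth/oidc/azure/callback",
           response_type="token", scope="openid profile")
DISCOVERY = {"response_types_supported": ["code", "id_token"]}  # constructed excerpt

if __name__ == "__main__":
    for cfg in (GOOD, BAD):
        print(check_oidc_provider(cfg, "https://firezone.example.com", DISCOVERY))
```

The redirect URI is matched exactly, including scheme and trailing slash, because the value registered in Azure and the value entered in the admin portal have to agree.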

Conclusion

HailBytes VPN offers a variety of authentication methods, including multi-factor authentication, OpenID Connect, and SAML 2.0. By integrating OpenID Connect with Azure Active Directory as demonstrated in this article, your workforce can conveniently and securely access your resources on the Cloud or AWS.