Two-Factor Authentication
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
This appendix focuses on and discusses only the first two factors, something you know and
something you have. This security method can be viewed as a two-tiered authentication
approach because it typically relies on what you know and what you have. A common
example of two-factor authentication is a bank (ATM) card that has been issued by a banking
institution:
The PIN to access your account is something you know.
The ATM card is something you have.
You need to have both of these factors to gain access to your bank account. Similar to the
way ATM cards work, access to the corporate networks and data can also be strengthened
using a combination of multiple factors such as a PIN and a token (hardware or software) to
validate the users and reduce the incidence of online identity theft.
NETGEAR Two-Factor Authentication Solutions
NETGEAR has implemented 2 two-factor authentication solutions from WiKID. WiKID is the
software-based token solution. So instead of using only Windows Active Directory or LDAP
as the authentication server, administrators now can use WiKID to perform two-factor
authentication on NETGEAR SSL and VPN firewall products.
The WiKID solution is based on a request-response architecture where a one-time passcode
(OTP), which is time-synchronized with the authentication server, is generated and sent to
the user after the validity of a user credential has been confirmed by the server.
The request-response architecture is capable of self-service initialization by end users,
dramatically reducing implementation and maintenance costs.
Here is an example of how WiKID works:
To use WiKID (for end users):
1. Launch the WiKID token software, enter the PIN that has been provided (something the user knows), and click Continue to receive the OTP from the WiKID authentication server:
Figure 282.
2. A one-time passcode (something the user has) is generated.
Figure 283.
Note: The one-time passcode is time-synchronized to the authentication server so that the OTP can be used only once and needs to be used before the expiration time. If a user does not use this passcode before it expires, the user needs to go through the request process again to generate a new OTP.
3. Proceed to the 2 Factor Authentication login screen, and enter the one-time passcode as the login password.
Figure 284.
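A minimal server-side model of the flow in steps 1 to 3, added here as an illustration; it is not WiKID or NETGEAR code and does not reproduce WiKID's actual protocol. The class name `OtpServer`, the 6-digit OTP format, and the 60-second lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time


class OtpServer:
    """Illustrative request-response OTP issuer (hypothetical, not WiKID's protocol)."""

    def __init__(self, ttl_seconds=60, clock=time.monotonic):
        self.ttl = ttl_seconds      # assumed OTP lifetime
        self.clock = clock          # injectable so expiry can be tested
        self._pins = {}             # user -> (salt, PBKDF2 hash of PIN)
        self._pending = {}          # user -> (otp, expiry time)

    @staticmethod
    def _hash(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, user, pin):
        salt = secrets.token_bytes(16)
        self._pins[user] = (salt, self._hash(pin, salt))

    def request_otp(self, user, pin):
        """Steps 1-2: confirm the PIN (something the user knows), then issue an OTP."""
        record = self._pins.get(user)
        if record is None:
            return None
        salt, stored = record
        if not hmac.compare_digest(stored, self._hash(pin, salt)):
            return None
        otp = f"{secrets.randbelow(10**6):06d}"
        # A new request replaces any earlier, unused OTP for this user.
        self._pending[user] = (otp, self.clock() + self.ttl)
        return otp

    def login(self, user, otp):
        """Step 3: accept the OTP once, and only before it expires."""
        # pop() removes the OTP on every attempt, so it is single-use and a
        # wrong guess forces the user back through the request process.
        entry = self._pending.pop(user, None)
        if entry is None:
            return False
        expected, expiry = entry
        fresh = self.clock() <= expiry
        return fresh and hmac.compare_digest(expected.encode(), otp.encode())
```
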
E. Notification of Compliance
NETGEAR wired products
Regulatory Compliance Information
This section includes user requirements for operating this product in accordance with National laws for usage of radio
spectrum and operation of radio devices. Failure of the end-user to comply with the applicable requirements may
result in unlawful operation and adverse action against the end-user by the applicable National regulatory authority.
This product's firmware limits operation to only the channels allowed in a particular Region or Country. Therefore, all
options described in this user's guide may not be available in your version of the product.
Europe – EU Declaration of Conformity
Products bearing the marking comply with the following EU directives:
EMC Directive 2004/108/EC
Low Voltage Directive 2006/95/EC
If this product has telecommunications functionality, it also complies with the requirements of the following EU
Directive:
R&TTE Directive 1999/5/EC
Compliance with these directives implies conformity to harmonized European standards that are noted in the EU
Declaration of Conformity.
FCC Requirements for Operation in the United States
FCC Information to User
This product does not contain any user serviceable components and is to be used with approved antennas only.
Any product changes or modifications will invalidate all applicable regulatory certifications and approvals.
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This
device may not cause harmful interference, and (2) this device must accept any interference received, including
interference that may cause undesired operation.
FCC Guidelines for Human Exposure
This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This
equipment should be installed and operated with minimum distance of 20 cm between the radiator and your body.
This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.
FCC Declaration Of Conformity
We, NETGEAR, Inc., 350 East Plumeria Drive, San Jose, CA 95134, declare under our sole responsibility that the
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308 complies with Part 15 of FCC Rules.
Operation is subject to the following two conditions:
This device may not cause harmful interference, and
This device must accept any interference received, including interference that may cause undesired operation.
FCC Radio Frequency Interference Warnings & Instructions
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15
of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a
residential installation. This equipment uses and can radiate radio frequency energy and, if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation.
If this equipment does cause harmful interference to radio or television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the
following methods:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and the receiver.
Connect the equipment into an electrical outlet on a circuit different from that which the radio receiver is
connected.
Consult the dealer or an experienced radio/TV technician for help.
Modifications made to the product, unless expressly approved by NETGEAR, Inc., could void the user's right to
operate the equipment.
Index
Numerics
10BASE-T, 100BASE-T, and 1000BASE-T speeds 74
3322.org 49 52
6to4 tunnels
  configuring globally 64
  DMZ, configuring for 126
  LAN, configuring for 112
A
AAA (authentication, authorization, and accounting) 247
AC input 20
access, remote management 338
account name, PPTP and PPPoE 36
action buttons (web management interface) 24
active users, IPSec VPN, SSL VPN, PPTP, and L2TP 378
ActiveX
  blocking 187
  web cache cleaner, SSL VPN 281
AD (Active Directory)
  configuration 306
  described 303
address autoconfiguration, IPv6 55
address pools, Mode Config operation 252
address reservation 101
Address Resolution Protocol (ARP)
  broadcasting, configuring 94
  requests 96
addresses (IPv4 and IPv6)
  See IPv4 addresses
  See IPv6 addresses
administrative default settings 410
administrator
  default name and password 22
  receiving logs by email 364
  settings (admin) 336
  user account 312
advertisement prefixes, IPv6
  DMZ, configuring for 125
  LAN, configuring for 111
advertisement, UPnP information 200
AES (Advanced Encryption Standard)
  IKE policy settings 235
  Mode Config settings 252
  SNMPv3 user settings 346
  VPN policy settings 243 244
alternate network, multicast pass-through 175
application level gateway (ALG) 176
ARP (Address Resolution Protocol)
  broadcasting, configuring 94
  requests 96
arrows, option (web management interface) 24
attached devices
  monitoring with SNMP 342
  viewing 386
attack checks 170 172
authentication
  for IPSec VPN
    pre-shared key 205, 210, 213, 236
    RSA signature 236
  for L2TP 273
  for PPTP 270
  for SSL VPN 306
  See also
    AD (Active Directory)
    LDAP (Lightweight Directory Access Protocol)
    MIAS (Microsoft Internet Authentication Service)
    RADIUS authentication
    WiKID
authentication algorithm and password, SNMPv3 users 346
authentication domain 303, 311
authentication, authorization, and accounting (AAA) 247
authoritative mode, NTP servers 353
Auto Uplink, autosensing Ethernet connections 15
autodetecting IPv4 Internet settings 32
autoinitiating VPN tunnels 242
auto-rollover mode
  bandwidth capacity 329
  DDNS 50
  IPv4
    configuring 45 46
    described 40
