mGuard Secure Cloud public - Quick Guide
Contents
1. fiGuard secure cloud mGuard Secure Cloud public Version 2 3 EN Table of Contents 1 IN OGUGCHION Wi AAA AE 1 LT Addresses AA AUA Se dE AA IIIA eee eee 2 1 2 Browser compatibility 2 1 3 Supportedlanguages 2 1 4 mGuard compatibility 3 1 5 Importantinformation 3 1 6 Available editions amp tariffs 4 1 7 Operatingelements 5 1 8 Recommended screen resolution 5 2 SIGWUD IA ee oe ee bese eae oes eee Sede enone oes eae 6 3 Loginforthefirsttime 8 3 1 Passwordforgotten 9 3 2 OnliinecheckvialPcheck 9 3 3 IP check with JavaScript 9 34 IPcheckviaJavaapplet 10 3 5 Autodetect mechanism 10 4 UAnitialstepsasanadministrator 11 4 1 Service Workstations and Service Targets Machines 11 4 2 Configure a VPN connection VPN Builder 13 4 2 1 PYECONGIIONS IIIA Oe odsada eo Oe oe ee a aa 13 4 2 2 Build a VPN configuration 14 4 2 3 Downlo2. zip 4 The VPN configuration will be loaded and is available within the mGuard Secure VPN Client as a new profile 5 The connection to the mGuard Secure Cloud public can now be initiated by a click on the slider Connection Connection T View Help Connection Profile Connection mGuard Secure Cloud public LI TmGuard Time online 00 00 39 Timeout Sec 100 sec Data Tx in KByte 10 36 Direction out Data Rx in KByte 13 41 Link Type LAN Speed KBytes 3 7 192 Encryption Triple DES Click here Info Where to buy Support Innominate Security Technologies 115003 en 02 Quick Guide 20 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 6 During the first VPN connection to the Secure Cloud public the certificate PIN already speci fied in the VPN Builder is requested Change PIN Please enter your old PIN Please enter your new PIN New PIN Confirm PIN Must comply to the following PIN Policy 3 must be at least 6 characters long Hint For security reasons please change the initial PIN periodically To change the PIN proceed as follows 1 Open the mGuard Secure VPN Client 2 Goto the menu item Connection gt Enter PIN 3 Enter the current PIN 4 Enter and confirm the new PIN 5 Click OK Innominate Security Technologies 115003 _en_02 Quick Guide 21 mGuard Secure Cloud public Version 2 3 EN Initial steps as an
3. Innominate 2015 06 08 16 12 xss eqve innominate com testkommentar Supplier Phoenix Contact Manufacturing number 56686648552 Delivery day Location Berlin Adlershof Positioning data Lat Long 52 51 70365 13 3888599 Inventory number 558668 click for new entry Cost center Activation Software Notice mGuard VPN client information VPN administration Type mGuard VPN connection 7 VPN Builder IP address 192 168 177 10 VPN configuration yo Download file Firmware 8 3 fw Delete Serial number 22896658 Last machine connection 08 06 2015 16 48 01 Why does the mGuard Secure Cloud public work with IPsec VPNs IPsec is acknowledged to be the most secure standard for VPN connections it is ideal for site to site VPNs and is already integrated in the future proof IPv6 standard Innominate Security Technologies 115003_en_02 Quick Guide 39 mGuard Secure Cloud public Version 2 3 EN Frequently Asked Questions FAQs Where can view my connection data The most relevant connection data is visible to the Admin and Masteradmin roles here Menu item Administration gt VPN connections overview of all VPN connections including status Service Routing service Targets Machines service Workstations Administration Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine User administration Access permissions Vai maenicateicm Account data Ma
4. administrator Shrew Soft VPN Client 1 Start the Shrew Soft VPN Client VPN Access Manager 2 Select under File gt Import the relevant Shrew Soft VPN configuration file vpn downloaded before from the mGuard Secure Cloud public 3 The VPN configuration will be loaded and is available within the Shrew Soft VPN Client 4 Select the configuration and start the connection to the mGuard Secure Cloud public by a sim ple click on Connect Edit View Help File Edit View Help Connect 0 a YA 9 Import fy Delete Connect Add Modify Delete Export Preferences Exit Innominate Security Technologies 115003 _en_02 Quick Guide 22 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 2 6 Checking the VPN connections using the status indicators Menu item Service Workstations gt active VPNs tab gt Workstation gt online The mGuard or VPN client for the service workstation has connected to the mGuard Secure Cloud correctly via the VPN tunnel if the status indicator for the service VPN changes from offline to online Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine active VPNs all Service Workstations Workstations gt 1 Workstation KBS Detroid no user notconnected VPN Offline gt 2 Workstation KBS_Service_2 lt amp eequaeinnominate com notconnected VP
5. center in Berlin Germany https it cloud mquard com Customers from Austria Belgium Switzerland Denmark Spain Finland France UK the Netherlands Norway and Sweden get their own virtual mGuard Secure Cloud instance which is physically operated in a professional data center in Berlin Germany All other customers should select others not listed 1 2 Browser compatibility We recommend the use of secure browsers such as Firefox version 17 0 or later Google Chrome version 28 0 or later or Apple Safari version 5 1 7 or later The use of cookies must be enabled in the browser see FAQs Section 8 Please note the use of Internet Explorer 8 lead to an increased security risk and the use of Internet Explorer 9 offer a poorer user experience We therefore recommend the use of one of the above men tioned browser or if this is not possible an upgrade to Internet Explorer 10 or higher 1 3 Supported languages The mGuard Secure Cloud public User Interface is available in 3 different languages e English e German e Italian Your preferred language can be switched with the help of the language selector The language selector is always available in the upper right corner of the user interface Hello Guest Signin Sign up Language English Choose country Contact DE Deutsch IT Italiano Figure 1 2 mGuard Secure Cloud public Language selector Innominate Security Technologies 115003 _en
6. it has to be imported into the appropriate software VPN client The procedure for the two currently supported software VPN clients is described as follows Hint D The VPN configurations for service workstations and service targets machines can be changed downloaded and imported arbitrarily Just repeat the corresponding steps described above mGuard Secure VPN Client 1 Start the mGuard Secure VPN Client 2 Select under Configuration gt Profiles gt Add Import the relevant mGuard Secure VPN Cli ent configuration file zip downloaded before from the mGuard Secure Cloud public Certificates Proxy for VPN Path Finder Profile Settings Backup Connection established Statistics Time online 00 05 32 Timeout sec Data Tx in KByte 5S 441 Direction out Data Rx in KByte 67 03 Link Type LAN Speed KBytes 0 000 Encryption Triple DES Click here Infa Where to buy Support Gl Profiles Available Profiles Group Show all profiles Profile Name mGuard Secure Cloud public nasi Innominate Security Technologies 115003 en 02 Quick Guide 19 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 3 Choose Profile Import as configuration type Define type to create the configuration C Manually configure profile Create an IPsec VPN profile to a mGuard device Profile Import Import a configuration file you may already have ini
7. mGuard Secure Cloud Premium Service Seats Machine connections total Machine connections used Machine connections avaiable Figure 6 2 Tariff upgrade message After a successful tariff upgrade you will request a message with all relevant information via e mail Innominate Security Technologies 115003_en_02 Quick Guide 33 mGuard Secure Cloud public Version 2 3 EN Tariff upgrade The following upgrade matrix shows the possible tariff uprades within the mGuard Secure Cloud public Source tariff Target tariff Available upgrade packages of target tariff Evaluation Basic Edition Basic Seat Package Edition Basic Edition Premium Premium Seat Package Edition Premium Machine Package Evaluation Premium Premium Seat Package Edition Edition Premium Machine Package 6 1 Request additional packages mGuard Secure Cloud public Shop Enhancements for your tariff can be purchased with the Request packages button which then opens the mGuard Secure Cloud public shopping cart Routing hine Se gets h S A ji Administration Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine User administration mGuard Secure Cloud Shop Premium Seat Package includes 1 additional service seat Tariff Price per year pro rata price for first year until end of year Price 2400 00 Quantity 1 Add to Cart Account management Account status Ser
8. operate in different modes if the machine is designed to fit into the existing network the Stealth mode which behaves transparently to the network should be used if the end customer network and the machine network are different the Routermode should be used to connect both networks if the machine is connected via a mobile connection 3G should be used choose Ethernet plus 3G if a mobile connection is used as a fallback for an ethernet connection Choose a mode Stealth Router 3G Ethernet plus 3G Figure 4 2 VPN Builder for machine configuration Use the VPN Builder to configure the following items mGuard mode Specify the operation mode of the mGuard VPN connection Specify if the VPN client mGuard device shall establish a VPN connection using UDP port 4500 and 500 via TCP encapsulation in case of connection problems 3G Specify the login details of the mobile network operator External network Indicate under which network address the WAN interface of the machine mGuard can be reached from external networks You can specify a static IP address the netmask and the default gateway If the machine mGuard gets its external IP address dynamically from a DHCP server select Dynamic IP address DHCP You can optionally specify the IP address of a distinct DNS server Internal network Specify the IP address of the machine mGuard and the netmask of the internal net work to which the machine mGuard and the service ta
9. subsequently be reached via the management ip address https 1 1 1 1 or https 192 168 1 1 Innominate Security Technologies 115003 _en_02 Quick Guide 17 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator Hint After the configuration has been activated in the mGuard device remote access to the web UI via HTTPS is only possible if the service workstation has established an active VPN connection The mGuard can also be configured using an SD card or a USB flash drive To do so a configuration file ecs file zipped in a tgz container must be used The configuration file is loaded decrypted and used as a valid configuration Hint Back up all existing configurations on the mGuard device before you import the configuration file created in the Secure Cloud via SD card USB drive to the device All variables not configured in the Secure Cloud will be set to factory default Hint The VPN configurations for service workstations and service targets machines can be changed downloaded and imported arbitrarily Just repeat the corresponding steps described above Innominate Security Technologies 115003_en_02 Quick Guide 18 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 2 5 Upload the VPN configuration to the software VPN client Once you have downloaded the previously created VPN configuration mGuard Secure Cloud public VPN Builder
10. ton Delete Menu item In the next step add the operators and locations of your machines and assign the service targets machines Select the menu item Service Targets Machines Innominate Security Technologies 115003 en 02 Quick Guide 11 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator Level 1 Create operators locations Service Targets Machines gt tab gt Add new operator location gt insert description of operator location gt click button OK Menu item Level 1 Edit operators locations Service Targets Machines gt select lt operator location gt tab gt Edit Menu item 9 P ad operator location and enter meaningful data gt click button OK Level 1 Delete operators locations Service Targets Machines gt select lt operator location gt tab gt click button Delete operator location Menu item Hint An operator location can only be deleted if there are no assigned machines Thus you have to delete all machines under an operator location first Level 2 Create Service Targets Machines Service Targets Machines gt select tab lt operator location gt gt select tab Create new machine gt insert descriptions for machine gt click button OK Menu item Level 2 Edit Service Targets Machines ji Service Targets Machines gt tab lt operator location gt gt select mac
11. users of the permission group For this purpose one or more access permissions are applied within a permission group that regulate the access to the service targets machinery Administration gt Tab Access permissions gt click button New permission group gt define M i MRP OK enu item name of permission group gt click button OK 4 4 2 Deleting permission groups Administration gt Tab Access permissions gt choose permission group to delete gt click icon Menu item l Delete x gt click button OK Hint Permission groups can only be deleted if they are NOT assigned to any user referenced If you get an related error message go to the user administration tab and revoke the permission group from the relevant users Innominate Security Technologies 115003_en_02 Quick Guide 27 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 4 3 Adding new access rules to permission groups One or more access permission can be assigned to one permission group The access permissions determine which service targets machines can be accessed by the members of the group Administration gt Tab Access permissions gt choose permission group gt click icon Edit F gt click button Add access rule gt choose a Operator location or All gt choose Service target machine or All gt click OK gt if adding furt
12. 03 _en_02 Quick Guide mGuard Secure Cloud public Version 2 3 EN 10 11 Tariff UDG ade 22426 cede Se Pt eoseke eee ee oe bee sees eee 33 6 1 Request additional packages mGuard Secure Cloud public Shop 34 Menuitems 35 7 1 Service Targets Machines menuitem 35 7 2 Machines menuitem 35 7 3 Administration menuitem 35 74 Logbook menuitem 36 7 5 Preferences menultem 36 LO CONAC IIIA oad Cama AI IIIA 37 hel Language TAK IAA oe eee ee se oe behest WAWA 37 7 8 Help Support link 37 Frequently Asked Questions FAOS 38 Known limitations 41 Service for mGuard Secure Cloud customers 41 Publisher 41 Innominate Security Technologies 115003 en 02 Quick Guide mGuard Secure Cloud public Version 2 3 EN Introduction Guard secure cloud 1 Introduction The mGuard Secure Cloud public is a cloud based VPN infrastructure for industrial remote services which does not require the installation of any additional software It only requires a SSL capable web browser Any device such as desktop computers notebooks netbooks and tablets can be used to
13. Agreement a Please identify the following security code Security code Entering security codes Captcha is used to determine whether or not the user is human Privacy policy Cancel Figure 2 4 mGuard Secure Cloud public Registration form Security code Innominate Security Technologies 115003 _en_02 Quick Guide 7 mGuard Secure Cloud public Version 2 3 EN Login for the first time 3 Login for the first time Role Master Admin Admin The initial login process for the mGuard Secure Cloud public is always in the form of a tenant All activ ities carried out in the Cloud are therefore always performed within a tenant After sending back the signed license agreement the Masteradmin user receives the access data which is sent to the specified e mail address Please keep this in a safe place and do not allow others access to this data This data tenant account ID user ID and password can now be used to login into the mGuard Secure Cloud public for the first time Process steps 1 Click Sign in Sign up at the top of the cloud UI at the login page of the mGuard Secure Cloud public 2 Complete the relevant fields in the Sign in area Account User Password 3 Put the check mark at Stay signed in and stay logged in up to 1 month 4 Put no check mark at Stay signed in and you Il logged out after 1 hour inactivity 5 Click the button Sign in Sign in Sign up Accou
14. Guard Secure Cloud public Version 2 3 EN Known limitations 9 Known limitations Currently there are no known issues for our customers 10 Service for mGuard Secure Cloud customers Clicking on the link Help amp Support opens a dialog box where you can open or download a version of the Quick Guide in PDF format in your selected language The hotline phone numbers Premium Edi tion jr and e mail addresses are also listed here MAN innominate com Log out 2 3 0 pre08 beta06 rc4 Pr IGUAL secure cloud bia oss soi ci woes Service Routing Machine Service Targets Machines Service Wo Here you ll find the current Quick Guide pdf Open the mGuard Secure Cloud Quick Guide English PDF Service VPN tunnel online gt no secure conne Our mGuard Secure Cloud public hotline is reachable from Monday to Friday except public holidays and December 24th and 31st from 9 00h am to 5 00h pm as follows e mail BASS WS VRB Wu Ges PHONE 2H WH D7 ORS 466 active VPNs Berlin Detroid Tokio active VPN connections to Service Targ You ll get the necessary pdf reader for free at Adobe On this tab you can see all Service Targets via immediately shows the current status gt 2 Operator Detroid Machine Machine B SN 135866458557 VPN online 11 Publisher Innominate Security Technologies AG Rudower Chaussee 13 12489 Berlin Germany contact innominate com www innominate com This user manual in
15. N online gt 3 Workstation KBS_Service_4 no user notconnected VPN offline Figure 4 4 mGuard Web UI Service VPN online In addition the Service status indicator must change from grey to green Machine Menu item Service Targets Machines gt active VPNs tab gt Machine gt online The mGuard for the machine has connected to the mGuard Secure Cloud public correctly via the VPN tunnel if the status indicator for the machine VPN changes from offline to online Service Targets Machines Service Workstations Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine show operator location All 0 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Berlin Detroid Tokio active VPN connections to Service Targets On this tab you can see all Service Targets like facilities and machines currently connected with the mGuard Secure Cloud public via secure VPN Reloading this page via immediately shows the current status of the VPN connections gt 2 Operator Detroid Machine Machine B SN 135866458557 VPN online Start Figure 4 5 mGuard Web UI Machine VPN online Quick Start Click on the green Start button for the machine to be serviced All status indicators change to green Routing Machine Innominate Security Technologies 115003 en 02 Quick Guide 23 mGuar
16. PN connection will be esta blished automatically as soon as the VPN connection from the machine to the Secure Cloud has been established e g by using a key switch ne Hs Operator Detroid Machine Machine B SN 1358664538557 Machine information Connect workstation to this machine via VPN Type Production Unit Last machine connection Serial number 135866458557 Comment Build year 1998 Manufacturer Supplier Manufacturing number Delivery day Location Inventory number Innominate Phoenix Contact 56686648552 Berlin Adlershof 558668 2015 06 08 16 12 amp xeqre innominate com testki Cost center click for new entry Activation Software Notice mGuard VPN client information Type mGuard IP address 192 168 177 10 Firmware 8 3 Serial number 22896658 Figure 5 3 mGuard Secure Cloud public Machine information The workstation is routed to the machine mGuard The green Start button changes to a red Stop but ton Routing Machine All the status indicators Service Routing Machine are now green Machines connecting from the internal network of the machine mGuard can now be reached under their real IP address Innominate Security Technologies 115003_en_02 Quick Guide 31 mGuard Secure Cloud public Version 2 3 EN First steps as a user Result A highly secure IPsec VPN connection between your mGuard VPN client of the service workstation and the mGuard
17. VPN client of the machine has been established via the Secure Cloud Remote maintenance can now be performed with complete transparency and secure encryption using any required service tools Innominate Security Technologies 115003_en_02 Quick Guide 32 mGuard Secure Cloud public Version 2 3 EN Tariff upgrade 6 Tariff upgrade Administrators of customers of the mGuard Secure Cloud public in the EU can change their tariff at any time as follows Menu item Administration gt Tab Account data gt Area Account status Your current tariff will be shown here Tariff Basic Initiate a tariff upgrade due to a click on the button Tariff upgrade All features and prices of the related tariff can be seen at Menu item Administration gt Tab Prices User administration VPN connections Account data Master data Prices Info amp Downloads Release Notes Account management Account status Tariff Service Seats 2 Machine connections total unlimited Machine connections used 27 Machine connections avaiable unlimited Figure 6 1 Initiate tariff upgrade User administration VPN connections Account data Master data Prices Info amp Downloads Release Notes Account management Upgrade Account status Tariff Upgrade Tariff An upgrade to Premium includes the order of the packages Premium Machine and Premium Seat see Prices Please press OK to upgrade to
18. _02 Quick Guide 2 mGuard Secure Cloud public Version 2 3 EN Introduction 1 4 mGuard compatibility Please note that all the mGuard devices connected to the mGuard Secure Cloud public must have firm ware Version 7 5 or later The latest mGuard firmware can be downloaded at http www innomi nate com en downloads firmware 1 5 Important information If the service workstation is connected to the Internet via a proxy server Sections 3 2 and 3 3 please ensure that a relevant exception for the mGuard Secure Cloud is entered in the settings for the browser and or operating system so that the necessary IP check Sections 3 2 can be performed Otherwise the status indicator for the service workstation does not change to online status green Section 4 2 6 Internet Explorer 10 Windows Tools Alt X gt Internet options gt Connections tab gt Local Area Network LAN settings gt LAN settings gt Proxy server gt Use a proxy server for your LAN gt Exceptions gt ip check de mguard com or ip check us mguard com Firefox Tools gt Options gt Advanced gt Network gt Connection gt Settings gt Manual proxy configuration gt No proxy for gt ip check de mguard com or ip check us mguard com Chrome Windows Settings gt Options gt Under the Hood gt Network gt Change proxy settings gt Connections tab gt Settings for Local Area Network gt LAN settings gt Proxy server gt Use proxy
19. access the mGuard Secure Cloud public and your service targets state of the art data center Service VPN MNGuard secure cloud encrypted IPsec VPN tunnel between mGuard Secure VPN client and service gateway Service Technician Service gateway virtual Ep VPN online g m Secure Cloud A Internet PP Routing amp Management https de cloud mguard com VPN online _ Y SSS gt 4m Machine gateway virtual Machine VPN encrypted IPsec VPN tunnel between mGuard Secur Ty VPN appliance and machine gateway race reachable via it s real IP address Figure 1 1 mGuard Secure Cloud public Architecture Innominate Security Technologies 115003 _en_02 Quick Guide 1 mGuard Secure Cloud public Version 2 3 EN Introduction 1 1 Addresses Customers can reach their mGuard Secure Cloud public instance using the Choose country selector in the upper right corner German customers can reach their mGuard Secure Cloud public instance using the Choose country link via the following web address data center in Berlin Germany https de cloud mguard com Customers in the USA Canada Central and South America can access a separate physical mGuard Secure Cloud public instance via the following web address computer center in Harrisburg PA USA https us cloud mguard com ltalian customers reach their mGuard Secure Cloud public instance via the following web address data
20. ad the VPN configuration 16 4 2 4 Upload the VPN configuration to the mGuard 17 4 2 5 Upload the VPN configuration to the software VPN client 19 4 2 6 Checking the VPN connections using the status indicators 23 4 3 Useradministration 24 4 3 1 Addnewuser 24 4 3 2 Edituser Changerole 24 4 3 3 Deleteuser 24 4 34 Permissions ai Ghana seers WA 25 4 3 5 Assigning access permissions to a user premium feature 26 4 3 6 Edit delete access permissions of a user premium feature 26 4 4 Access permissions premium feature 27 4 4 1 Adding new permission groups 2 4 4 2 Deleting permission groupS 27 4 4 3 Adding new access rules to permission groups 28 4 4 4 Revoking access rules from permission groups 28 5 Firststeps aS a user 29 5 1 Login to the mGuard Secure Cloud public Sign in 29 5 2 Check the online status of the service workstation 30 5 3 Choose Operator Location 30 5 4 Connecting the service workstation to the machine 30 Innominate Security Technologies 1150
21. already assigned permission groups gt click button OK Edit user User name valid e mail address Service VPN tunnel online gt no secure conneg george innominate com Last name Add permission group User administration Access permissions Zimmermann Administration First name Choose a permission group George User administration Default Access permissions Default Here users can be added modified or deleted Premium Tariff In addition to the default pe permissions are only active if the default pe Nr Permission group defined under the tab Access permissions be Basic tariff Each user is first automatically ass neither be removed nor can additional permis Default all operators local Show Hint Detroid only Extern a User kbentlage innominate com Add permission george innominate com e madoii passwords must be at least 8 characters long and should contain letters numbers and special characters kai bentlage gmx de Thomas innominate com Cancel Figure 4 8 mGuard Secure Cloud public User administration gt Add permission group Innominate Security Technologies 115003 en 02 Quick Guide 26 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 4 Access permissions premium feature Premium Edition With the help of access rules any access rights to locations operators and their machines can be defined and summarized in permission gr
22. cluding all illustrations contained herein is copyright protected Any changes to the contents or the publication of extracts of this document are prohibited 2015 Innominate Security Technologies AG Innominate Security Technologies 115003 en 02 Quick Guide 41
23. d Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 3 User administration Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine User administration Access permissions VPN connections Account data Master data Prices Info amp Downloads Release Notes Administration User administration Here users can be added modified or deleted and given a role and access permissions Premium Tariff In addition to the default permission group additional permission groups can be assigned to users However these additional permissions are only active if the default permission group was previously revoked from the user Access rules and permission groups must be defined under the tab Access permissions before Basic tariff Each user is first automatically assigned to the default permission group In the basic tariff the default permission group can neither be removed nor can additional permission groups be added Show Hint Nr a User Name Role Qoanoeqna innominate com Muster Max Masteradmin george innominate com Zimmermann George user NAIA eS Stark Thomas user Thomas innominate com Mann Thomas user New User Figure 4 6 mGuard Secure Cloud public User administration 4 3 1 Add new user Administration gt Tab User administration gt click button New user gt Insert user name last M TE woe name first name select ro
24. dicator of the target machine has the green online status the machine mGuard has connected to the mGuard Secure Cloud public correctly via the VPN tunnel Service Targets Machines Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine show operator location All 0 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z active VPNs Berlin Detroid Tokio active VPN connections to Service Targets On this tab you can see all Service Targets like facilities and machines currently connected with the mGuard Secure Cloud public via secure VPN Reloading this page via immediately shows the current status of the VPN connections gt 2 Operator Detroid Machine Machine B SN 135866458557 VPN online Figure 5 2 mGuard Secure Cloud public Machine VPN online Innominate Security Technologies 115003_en_02 Quick Guide 30 mGuard Secure Cloud public Version 2 3 EN First steps as a user Quick Start Click on the green Start button for the machine to be serviced Alternatively click on the machine to be serviced The machine master card opens Click on the green Start button in the Connect workstation to this machine via VPN field Hint Even if the machine has not yet established a VPN connection to the Secure Cloud the green Start button can be clicked A route to the machine will then be started and a V
25. e connections with only one click copyright 2011 2015 Innominate Security Technologies AG Password reset Information how to proceed Close panel You can reset the password for your account by providing some information Please fill out all mandatory information for authentication reasons and request a new password You Il receive an e mail at your given e mail address within a few minutes with all information how to proceed Please make sure that this e mail will not be blocked by spam filters Account User mandatory field Discard Figure 3 2 mGuard Secure Cloud public Password reset 3 2 Online check via IP check To enable the mGuard Secure Cloud public to detect a logical connection between the web browser of the service workstation and the service VPN tunnel to the mGuard Secure Cloud an IP check is per formed This involves an HTTPS call including session ID of the web session to the address ip check de mguard com or ip check us mguard com by the encrypted service VPN tunnel On a successful HTTPS call in the mGuard Secure Cloud public the status of the web session is set to online and in the UI the service status indicator changes from red offline to green online Secure VPN connections to machines can now be established 3 3 IP check with JavaScript The IP check always uses an Ajax request asynchronous data transmission between a browser and the server If the use of a
26. e is the HTTPS Port 443 Port 443 must therefore be opened permanently on both sides of the connection Innominate Security Technologies 115003_en_02 Quick Guide 13 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 2 2 Build a VPN configuration The creation building of the VPN configurations is carried out by and within the Secure Cloud public using a configuration wizard the VPN Builder The following buttons are available Open VPN Builder Wizard and Download VPN configuration Ka Proceed as follows Service Workstation Service Workstations gt All workstations tab gt Select workstation gt VPN administration gt M uae enuen VPN connection gt VPN Builder button gt Complete form gt Request button VPN administration VPN connection 7 VPN Builder VPN configuration yo Download file fw Delete Last machine connection 08 06 2015 16 48 01 VPN Builder Request service VPN configuration 1 VPN client type 3 Machine network VPN client type What kind of VPN client are you going to use for this service workstation Your workstation can be securely connected to the mGuard Secure Cloud public via mGuard VPN appliances like mGuard smart or mGuard delta You may also use a certifiied software IPsec VPN client like the mGuard Secure VPN Client Choose a VPN client type mGuard Secure VPN Client commercial software client with ve
27. ervice workstations can be connected to the cloud using either software VPN clients or mGuard devices Service targets machines can only be connected to the cloud using mGuard devices The creation building of VPN configurations is carried out by and within the Secure Cloud public using the VPN Builder The built VPN configurations are made available for download afterwards After the import of the VPN configuration into the corresponding VPN clients service workstation and service target machine is finished the clients are configured for the connection to the Secure Cloud public and able to establish a VPN tunnel to the cloud The configuration of the VPN clients is described in the following sections 4 2 1 Preconditions The VPN connections between VPN clients and the mGuard Secure Cloud public are based on the IPsec protocol The communication based on the IPsec protocol is carried out using UDP port 500 IKE and UDP port 4500 NAT Traversal Hint D The UDP ports 500 and 4500 must be open on both VPN clients service workstation and service target machine This also applies to routers used during connection and existing firewall rules TCP encapsulation In case it is not possible to establish a VPN connection using UDP ports 500 and 4500 the IPsec con nection must be tunneled Therefor the option TCP encapsulation must be enabled to transmit UDP packets encapsulated inside TCP packets The standard port used in this cas
28. figure We recommend activating the option Do not show this again for apps from the publisher and location above check the box and click on Run Guard Re M chten Sie diese Anwendung ausf hren Name applet_ip_check Anbieter Innominate Security Technologies AG Von https EE ipcheck jar Diese Anwendung wird mit uneingeschranktem Zugriff ausgef hrt Dies kann ein Risiko f r Ihren Rechner und Ihre pers nlichen Informationen darstellen F hren Sie diese Anwendung nur aus wenn Sie dem Anbieter vertrauen ie Anwendungen dieses Anbieters und aus diesem Speicherort nicht mehr anzeigen ey Mehr Informationen Abbrechen Figure 3 3 IP check applet 3 5 Autodetect mechanism The mGuard Secure Cloud public now automatically detects the process used JavaScript or applet to perform the IP check The successful method is stored in a cookie on your local computer If there is no method stored in a cookie the IP check is always performed with JavaScript first Innominate Security Technologies 115003_en_02 Quick Guide 10 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 Initial steps as an administrator Role Master Admin Admin After logging into the mGuard Secure Cloud public you always start at the Service Targets Machines menu item This is so that during servicing a remote service can be started for the relevant machine as quickly as possible However initially you w
29. g icons buttons Green online and Start status indicators Red offline and Stop status indicators x The star icon tags premium features 1 8 Recommended screen resolution The mGuard Secure Cloud public Web User Interface UI should be used with a minimum screen res olution of 1200 x 800 pixel Hello Guest Signin Sign up MnGuard secure cloud punic Language English Choose country Contact mGuard Secure Cloud public CLOUD BASED INSTANT REMOTE SERVICES Figure 1 3 mGuard Secure Cloud public Web UI Innominate Security Technologies 115003_en_02 Quick Guide 5 mGuard Secure Cloud public Version 2 3 EN Sign up 2 Sign up Role Master Admin Before you can log on to and use the mGuard Secure Cloud public you have to register using the free Sign up process Process steps 1 Click Sign in Sign up at the top of the cloud UI at the login page of the mGuard Secure Cloud public 2 Click the button Sign up in the login panel that appears Or Click the framed link SIGN UP in the center of the login page 3 Complete the registration form 4 Enter the destination network machine network that you want to reach via VPN connection 5 Accept the Evaluation License Agreement due to a click on the checkbox 6 Enter the security code captcha 7 Click on the button OK After receiving your request a tenant will be created Due to our careful verification this proces
30. her access rules necessary repeat these steps gt click button OK Menu item Routing Jachine Service Targets Machines Service Wi tior Administration gbook Service VPN tunnel online New access rule User administration Permission group name Operatori location Service target machine Administration Detroid only Detroid Mi Machine B o mandatory field All Access permissions Machine A Machine B Premium Tariff With thes A gt Operator location gt Service target machine Machine C in permission groups THE Basic tariff In Basic tariff Operator location Detroid gt Service target mag Cancel Hint Please be are thal oo Operator location Detroid gt Service target mack Operator location Detroid gt Service target machine Machine C a Permis Add access rule Default Detroid Extern Hambul New permission group Figure 4 10 mGuard Secure Cloud public adding new access rule 444 Revoking access rules from permission groups Administration gt Tab Access permissions gt choose permission group gt click icon Edit F gt choose access rule to be deleted gt click icon Delete x gt click button Delete access rule gt if deleting further access rules necessary repeat these steps gt click button OK Menu item Hint All changes for permission groups will affect the referenced users immediately Innominate Security Technolog
31. hine and click gt Menu item Edit machine information Fa gt click button OK Level 2 Delete machines Service Targets Machines gt tab lt operator location gt select machine and click gt area Machine administration gt Machine click button Delete Menu item Innominate Security Technologies 115003 en 02 Quick Guide 12 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator Level 2 Machine information gt Add location data optional To add precise positioning data latitude and longitude to each machine proceed as follows Service Targets Machines gt tab lt operator location gt gt select machine and click gt Edit machine information gt click into the field Positioning data Lat Long gt an Open Menu item l l So l l StreetMap Window appears gt click on the magnifier icon Q gt enter the location name dedica ted to your machine gt select the proper name from the drop down list box gt click button OK gt click button OK 4 2 Configure a VPN connection VPN Builder The service session between service workstations and service targets machines is secured via an encrypted VPN tunnel Virtual Private Network Before a service workstation can connect to a service target machine via the VPN tunnel the associ ated VPN clients must be configured in order to establish a VPN connection to the mGuard Secure Cloud public S
32. ies 115003_en_02 Quick Guide 28 mGuard Secure Cloud public Version 2 3 EN First steps as a user 5 First steps as a user Role User The following steps and processes provide a quick and easy means of establishing a secure remote maintenance connection between the service workstation and the machine 5 1 Login to the mGuard Secure Cloud public Sign in Your personal login data tenant ID user ID and password can be used to log into the mGuard Secure Cloud public Process steps 1 Click Sign in Sign up at the top of the cloud UI at the login page of the mGuard Secure Cloud public 2 Complete the relevant fields in the Sign in area Account User Password 3 Put the check mark at Stay signed in and stay logged in up to 1 month 4 Put no check mark at Stay signed in and you ll logged out after 1 hour inactivity 5 Click the button Sign in Sign in Sign up Account YDH13000DE No mGuard Secure Cloud user yet z Sign up now for free User max muster innominate com Your benefits as a registered user Password Seeeeeeeeeeeeeoeee Free testing Free use Stay signed in e Build and manage VPNs easily Start your service connections with only one click Password forgotten 6n UP Hello Guest Close panel n Figure 5 1 Login to the mGuard Secure Cloud public Innominate Security Technologies 115003_en_02 Quick Guide 29 mGuard Secure Cloud public Version 2 3 EN Fir
33. ill just find an empty page without machines and without operators or locations for machines The following organizational steps and processes provide a quick and easy means of establishing a secure connection between the service workstation and the machine 4 1 Service Workstations and Service Targets Machines The service organization in the Secure Cloud is divided into two areas Service Workstations and Service Targets Machines In the menu item Service Workstations the workstations for your service staff can be created In the menu item Service Targets Machines operators or locations first level and their associated machines second level can be created Hint If the number of tabs of all operators locations is too big to be shown on the display operators loca tions can be filtered by alphabetic or numeric criteria Start with the creation of service workstations by selecting the menu item Service Workstations Level 1 Create service workstations Menu item Service Workstations gt tab gt Add new workstation Level 1 Edit service workstations ji Service Workstations gt select workstation and click gt select Workstation Information Menu item and click a gt edit workstation information gt click button OK Level 1 Delete service workstations Service Workstations gt select workstation and click gt VPN administration gt click but
34. inate Security Technologies 115003 _en_02 Quick Guide 37 mGuard Secure Cloud public Version 2 3 EN Frequently Asked Questions FAQs 8 Frequently Asked Questions FAQs have signed up for the Secure Cloud but have not received a reply yet Since your registration data has to be checked carefully during normal office hours Berlin time zone by our Secure Cloud Service team this process may take a while The process is a preventive measure designed to stop untrustworthy individuals and institutions from registering and logging in How do get functional VPN configurations without technical know how Don t worry With the support of the VPN Builder and its simple user guidance many questions can already be answered during configuration If there are remaining questions the Secure Cloud Service will be pleased to help you Just contact our public hotline VPN administration VPN connection ZF VPN Builder VPN configuration yo Download file f Delete Last machine connection 08 06 2015 16 48 01 How can contact the mGuard Secure Cloud public hotline Clicking on the link Help amp Support opens a dialog box where you can open or download a version of the Quick Guide in PDF format in your selected language The hotline phone numbers Premium Edi tion and e mail addresses are also listed here Wovena innominate com Log out Language English Contact Help amp Support Can test the mGuard Sec
35. ithin a tenant and thus overrides all other permissions Basic Edition Each user is first automatically assigned to the default permission group The default permission group can neither be removed in the basic tariff nor can additional permission groups added Access Rule A Access Rule Default Location Operator 1 Location Operator n Machine n Machine n Location Operator Al Machines Al Machine 7 Machine 7 Access Rule A Access Rule B Access Rule Default Permission Group A Permission Group Default Access Rule n Permission Group A o E Permission Group Default Permission Group n User User Password Password Figure 4 7 Permission architecture Premium Edition Permission architecture Basic Edition Innominate Security Technologies 115003 _en_02 Quick Guide 25 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 3 5 Assigning access permissions to a user premium feature r Administration gt Tab User administration gt choose user gt click icon Edit y gt Menu item click button Add permission gt choose a permission group gt click button OK gt add additional permission groups or click button OK 4 3 6 Edit delete access permissions of a user premium feature Administration gt Tab User administration gt choose user gt click icon Edit F gt click icon menuitem for editing a or icon for deleting x of
36. l enhanced Hotline phone e mail Consists of 1 x SC 101010 and 1 x SC 101020 Description mGuard Secure Cloud public Premium Seat 1 additional concurrent user session mGuard Secure Cloud public Premium Machine Package 5 additional machine connections Description Number of users unlimited Number of machines unlimited Number of concurrent user sessions 1 Transfer volume per user session in GB month 1 Guaranteed bandwidth per user session in Mbit s none Guaranteed yearly availability none Permission model standard Hotline e mail Description mGuard Secure Cloud public Premium Seat 1 additional concurrent user session Innominate Security Technologies 115003 _en_02 Quick Guide 4 mGuard Secure Cloud public Version 2 3 EN Introduction 1 7 Operating elements For the navigation via the mGuard Secure Cloud public user interface UI the following color coding is used mGuard red Active menu items and tabs Service Targets Machines Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine show operator location All 0 9 A B C D E F G H IJ K L M N O P Q R S T U V W X Y Z active VPNs Berlin Detroid Tokio Hint Explanatory text on the user interface can be faded out by clicking on the Icon 38 Click on the text Show Hint to show the hint text again Blue Primary and secondary control elements e
37. le insert password repeat password gt click button OK 4 3 2 Edit user Change role Administration gt Tab User administration gt select user gt click edit gt edit information gt click button OK Menu item 4 3 3 Delete user Administration gt Tab User administration gt select user gt click delete x click button OK Menu item Innominate Security Technologies 115003 _en_02 Quick Guide 24 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 3 4 Permissions Access permissions allow granular control over which users can access what locations operators and machines in the form of user defined permissions and permission groups This feature is available only in the Premium Edition of the mGuard Secure Cloud public see Chapter 4 4 Premium Edition In addition to the default permission group that is automatically assigned to each new user additional permission groups can be assigned to users in the premium edition However these are only active when the default permission group was revoked before from the user Prior to this access rules and permission groups must be defined under the tab Access permissions Hint New permission groups will only become activ if the default permission group has been revoked Hint Please note that the default permission group allows access to all operators locations and all machines w
38. ndor support Shrew Soft VPN Client free open source software client mGuard VPN appliance hardware Please enter the client password Password CEC8988 8080 Repeat password eeeeeeeeeo mandatory field Figure 4 1 VPN Builder for service VPN configuration Use the VPN Builder to configure the following items VPN client type Specify if the service workstation will be connected to the Secure Cloud via software VPN client mGuard Secure VPN Client or Shrew Soft VPN Client or via hardware client mGuard device Innominate Security Technologies 115003 en 02 Quick Guide 14 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator VPN connection Specify if the VPN client mGuard device shall establish a VPN connection using UDP port 4500 and 500 via TCP encapsulation in case of connection problems Machine network Configure the destination network to which the service target machine belongs The network corresponds with the destination network already provided during registration Service Targets Machines Service Targets Machines gt Location operator tab gt Select machine gt VPN administra meow tion gt VPN connection gt VPN Builder button gt Complete form gt Request button VPN Builder Request machine VPN configuration 1 mGuard mode 2 VPN connection 4 External network 5 Internal network 6 Misc mGuard operation mode The mGuard can
39. nfiguration zip file extension in case of the mGuard Secure VPN Client or vpn file extension for the Shrew Soft VPN client for the machine can be downloaded and stored locally for further configuration of the machine mGuard Service Targets Machines gt Location operator tab gt Select machine gt Menu item NDI l VPN administration gt VPN configuration gt Download button The corresponding configuration file extension atv or ecs for encrypted configurations with firmware version 7 6 1 for the machine can be downloaded and stored locally for further configuration of the machine mGuard Innominate Security Technologies 115003_en_02 Quick Guide 16 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator 4 2 4 Upload the VPN configuration to the mGuard Once you have downloaded and locally stored the VPN configuration previously created in the Secure Cloud public VPN Builder the configuration file must be imported to the appropriate VPN client Hint The status of all the variables of the mGuard device that have not been configured in the Secure Cloud will be set to factory default Hint For tailored machine configurations that can not be configured by the VPN Builder e g firewall rules the Premium Edition gives you the possibility to deposit so called ATV Includes in the Secure Cloud backend These predefined values can be applied to the complete account level or
40. nt YDH13000DE No mGuard Secure Cloud user yet Sign up now for free User max muster innominate com Your benefits as a registered user Password eeeeeeeeeeeeoeee Free testing Free use Stay signed in e Build and manage VPNs easily Start your service connections with only one click Password forgotten SIE Hello Guest Close panel Figure 3 1 mGuard Secure Cloud public Signing in Innominate Security Technologies 115003 _en_02 Quick Guide 8 mGuard Secure Cloud public Version 2 3 EN Login for the first time 3 1 Password forgotten If you have forgotten your login password combination use the Password forgotten link in the login panel to request a new password The correct tenant user combination must be entered in the form that appears A link to set a new password is sent to the user e mail address stored in the Cloud Please note that this link is only valid for a maximum of 24 hours If this link does not appear in your inbox within a few minutes please check your spam filter or soam folder Sign in Sign up Up to this point mGuard VPNs were secure Account No mGuard Secure Cloud user yet But now they are secure AND easy to use Sign up now for free User Convince yourself by testing us Your benefits as a registered user eal Password Sign in Select Connect e Free testing Free use you connect we protect Stay signed in Build and manage VPNs easily e Start your servic
41. ole Admin Provides all functions for mGuard Secure Cloud public administration User administra overview add edit delete users assign and revoke roles and permission groups self tion defined permission groups premium feature Access permissi overview add edit delete permissions and permission groups premium feature r ons VPN connection overview states of all VPN connections Account data current tariff tariff change request add packages overview Master data overview Prices overview available editions Info amp Downloads notes on mGuard configuration download VPN clients and manuals Release Notes information about the latest Secure Cloud version Innominate Security Technologies 115003 _en_02 Quick Guide 35 mGuard Secure Cloud public Version 2 3 EN Menu items 74 Logbook menu item Role Admin Provides all functions for recording and analyzing service tasks Functions View monthly connection data Ad hoc filtering and online analysis of connection data premium feature Download monthly connection data as CSV XLS and PDF file premium feature Analyses Logbook Service Analyses Administrators can get the following reports Premium Tariff Ad hoc filtering of all service activities and export of the generated reports as csv xls or pdf file Basic tariff monthly overview of all service activities Hint Filter Date range last 30 days 23 05 2015 22 06 2015 Operator Location Ser
42. only to individual machines If you have any questions please contact the Secure Cloud Support Management Configuration Profiles Configuration Profiles L Configuration Profiles t Factory Default X tensons Office Berlin sore ee save Current Configuration to Profile Name for the new profile Upload Configuration to Profle Name for the new profile admin Filename Durchsuchen Keine Datei ausgewahtt External Config Storage ECS Current state of the ECS Not present ee ye aes pe The root password to save to the ECS wasasa Automatically save configuration changes to an ECS si Encrypt the data on the ECS No Note Encrypted ECS date can only be read by this device Figure 4 3 mGuard Web UI To import a configuration into the mGuard devce log in to the web interface UI mGuard on the mGuard Then proceed as follows mGuard Ul Administration menu item gt Configuration profiles tab gt Upload Configuration to Profile Select and use the previously downloaded VPN configuration with the file extension atv Make sure that the correct configuration file has been selected After uploading the configuration to the mGuard it will be listed as a new configuration profile Please activate the new configuration profile by clicking on the button Restore A green check mark indicates the activated profile Dependent on the chosen mGuard mode Stealth or Router the mGuard can
43. oups These permission groups can then be assigned to users in the user management Previously defined permission groups can only be deleted if NO user is assigned to referenced Basic Edition Basic Edition does not allow defining own access rules and permission groups Only the permission group Default is displayed Hint Please note that the permission group Default allows access to ALL locations operators and machi nes and can not be deleted or edited Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine User administration Access permissions VPN connections Account data Master data Prices Info amp Downloads Release Notes Administration Access permissions Premium Tariff With the support of access rules any access rights to operators locations and their machines can be defined and summarized in permission groups These permission groups can then be assigned to users within the user administration Basic tariff In Basic tariff no own access rules and permission groups can be defined Only the permission group Default is displayed Hint x a Permission group Default all operators locations gt all machines Detroid only Extern Hamburg only New permission group Figure 4 9 mGuard Secure Cloud public Access permissions overview 4 4 1 Adding new permission groups A permission group defines which machines can be accessed by the
44. proxy server for the HTTPS protocol is configured in the browser or in the operating system then an exception must be configured for the host jp check de mqguard com or ip check us mguard com Section 1 5 Otherwise the HTTPS call would not be routed to the VPN tunnel the proxy would send the call to the Internet without effect and receive no response Innominate Security Technologies 115003 _en_02 Quick Guide 9 mGuard Secure Cloud public Version 2 3 EN Login for the first time 3 4 IP check via Java applet Since it cannot be assumed that the user is able to configure a proxy exception without problems the mGuard Secure Cloud public provides an alternative procedure for the IP check When a proxy server is detected a Java applet is called in the browser which makes the relevant HTTPS call without the mandatory use of a proxy server The IP check via applet is supported for the following browsers with Java Runtime Environment JRE Version 1 6 or 1 7 Microsoft Windows e Firefox Version 11 or later e Google Chrome Version 24 or later e Microsoft Internet Explorer Version 8 or later Linux e Firefox Version 18 or later Apple Mac OS X e Safari Version 5 or later The Java plug in part of the relevant JRE must be activated in the relevant browser in the Internet zone the scripting of Java applets must also be enabled When the applet is initiated for the first time you must agree that the applet can be run see
45. rget machine belong Misc Choose the format of the VPN configuration for your machine connection type atv to upload the configuration via the mGuard web interface e type ecs to activate the configuration via external configuration memory e g SD card USB stick Note that the ecs file is contained in a zipped tgz file which must be used to import the configuration into the mGuard device Innominate Security Technologies 115003 _en_02 Quick Guide 15 mGuard Secure Cloud public Version 2 3 EN Initial steps as an administrator If the VPN connection of the machine mGuard shall be initiated via a key switch Service lO the fea ture can be activated here After the VPN configuration has been created it can be downloaded directly from the Secure Cloud public and be imported into the appropriate VPN client Hint The VPN configurations for service workstations and service targets machines can be changed downloaded arbitrarily Just repeat the corresponding steps described above 4 2 3 Download the VPN configuration The VPN configurations for the service workstation and the service target machine will be available for download immediately and may be stored and used locally for further configuration of the VPN clients Service Workstations gt All workstations tab gt Select workstation gt VPN administration gt Vsauitem VPN configuration gt Download button The corresponding co
46. s may take several hours Following successful registration the user specified as the Masteradmin in the registration form receives the login data sent to the specified e mail address Sign in Sign up Up to this point mGuard VPNs were secure Account No mGuard Secure Cloud user yet But now they are secure AND easy to use Sign up now for free User Convince yourself by testing us Your benefits as a registered user GAI Password Sign in Select Connect Free testing Free use you connect we protect Stay signed in Build and manage VPNs easily e Start your service connections with only Password forgotten at copyright 2011 2015 innominate Security Technologies AG Hello Guest Close panel public CLOUD BASED INSTANT REMOTE SERVICES SIGN UP Figure 2 1 mGuard Secure Cloud public Sign up Innominate Security Technologies 115003 _en_02 Quick Guide 6 mGuard Secure Cloud public Version 2 3 EN Sign up Within the mGuard Secure Cloud public the tenant is the top instance and is a closed unit in terms of data technology and organization The mGuard Secure Cloud therefore offers the option of disjunctive tenant oriented data recording presentation UI and configuration Each tenant can therefore only see and modify their own data i e all data is protected from other tenants Only the assigned tenant can access this data although in certain exceptional cases troubleshooting admini
47. server for LAN gt Exceptions gt ip check de mguard com or ip check us mguard com If it is not possible to configure the relevant proxy exception the IP check can also be performed using a Java applet Section 3 4 Innominate Security Technologies 115003 _en_02 Quick Guide 3 mGuard Secure Cloud public Version 2 3 EN Introduction 1 6 Available editions amp tariffs For customers in the EU the mGuard Secure Cloud public is available in the following editions mGuard Secure Cloud public Edition Evaluation Edition features equal to Premium Edition mGuard Secure Cloud public Edition Premium Edition additional bookable packages Order number SC 101010 SC 101020 mGuard Secure Cloud public Edition Basic Edition additional bookable packages Order number SC 100010 Description Max runtime 30 days Number of users unlimited Number of machines 1 Number of concurrent user sessions 1 Transfer volume per user session in GB month 1 Guaranteed bandwidth per user session in Mbit s none Guaranteed yearly availability none Permission model enhanced Hotline phone e mail Description Min runtime 12 months Number of users unlimited Number of machines min 5 expandable Number of concurrent user sessions 1 expandable Transfer volume per user session in GB month unlimited Guaranteed bandwidth per user session in Mbit s 1 Guaranteed yearly availability 98 Permission mode
48. st steps as a user 5 2 Check the online status of the service workstation If your service workstation has established a VPN connection to the Secure Cloud the status indicator Service must have a green background color Routing If the status indicator Service has a red background color check the connection of you service work station mGuard device or software VPN client or if the VPN connection has been started Alternatively the status can be checked as follows Menu item Service Workstations gt active VPNs tab gt Workstation gt online 5 3 Choose Operator Location To connect to a machine with of specific operator location via VPN tunnel an operator location has to be selected Proceed as follows Menu item Service Targets Machines gt select tab with desired operator location Hint If the number of tabs of all operators locations is too big to be shown on the display operators loca tions can be filtered by alphabetic or numeric criteria Service Targets Machines Service VPN tunnel online gt no secure connection initiated gt no secure remote access to service target machine show operator location All 0 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 5 4 Connecting the service workstation to the machine Menu item Service Targets Machines gt active VPNs tab gt Machine gt online As soon as the status in
49. ster data Prices Info amp Downloads Release Notes Administration VPN connections Hint Service connections Machine connections Service name gt Status Order date Machine name gt Status Order date KBS Detroid active 01 06 2015 Machine B active 22 05 2015 KBS_Service_2 active 27 05 2015 Machine C active 26 05 2015 KBS_Service_4 active 26 05 2015 Maschine Adlershof active 22 05 2015 Machine A ordered 22 05 2015 Which Software VPN clients are supported by the mGuard Secure Cloud public Currently we support the following IPsec Software VPN clients for service workstations e mGuard Secure VPN Client http Awww innominate com e Shrew Soft http www shrew net have entered my login data correctly but still can t log into the Cloud Please make sure that your browser accepts cookies for the address https de cloud mguard com respectively https us cloud mguard com or https it cloud mgquard com Cookie settings for Firefox Menu gt Options gt Privacy gt History gt select Accept cookies Cookie settings for Internet Tools gt Internet options gt Privacy gt if you want to have automatic cookie Explorer handling set the slider to Medium Cookie Settings for Google Menu gt Settings gt Show advanced settings gt Privacy gt Content settings gt Chrome Cookies gt set Allow local data to be set recommended Innominate Security Technologies 115003_en_02 Quick Guide 40 m
50. stration or change man agement it may be that the Secure Cloud service or parties explicitly authorized by Innominate are granted access however never other customers or other unauthorized parties Registration form Company name Valid e mail address Department First name Street house number Last name Zip code Phone number City State Password Country Repeat password Germany Deutschland gt Billing information alternative address How did you hear about us mandatory field passwords must be at least 8 characters long and should contain letters numbers and special characters Figure 2 2 mGuard Secure Cloud public Registration form Machine network Please enter the destination network which you want to reach through your VPN connection for example P address of the network 192 168 1 0 and Netmask 255 255 255 0 Note that the IP address of the network must be a private IP address i e within the following subnets 10 0 0 0 8 172 16 0 0 12 192 168 0 0 16 IP address of the network 192 168 1 0 Machine 192 168 1 20 Netmask 255 255 255 0 Figure 2 3 mGuard Secure Cloud public Registration form Machine network Evaluation License Agreement see below for German version Online Evaluation License Agreement Eval EULA for mGuard Secure Cloud public Version 1 1 Effective January 2014 Please accept the Evaluation License
51. ure Cloud public without obligation Of course Following successful registration every mGuard Secure Cloud tenant can test one service connection and one machine connection free of charge for 30 days Premium features Both VPN con nections can be configured with the VPN Builder and tested thoroughly When the test phase expires the test connections can be converted into productive VPN connections on request Please contact our Secure Cloud Service team for this Innominate Security Technologies 115003_en_02 Quick Guide 38 mGuard Secure Cloud public Version 2 3 EN Frequently Asked Questions FAQs Can I also use the mGuard Secure Cloud with other VPN products Unfortunately not The mGuard Secure Cloud is currently only available for mGuard customers and users The only exception is that service workstations may also be connected to the mGuard Secure Cloud via certified IPsec VPN clients How do I cancel individual contracts Contracts for VPN connections can be canceled for both service and machine connections on the rele vant service workstation or machine master card by the Admin and Masteradmin roles at the end of each calendar year area VPN administration ai Operator Detroid Machine Machine B SN 135866458557 VPN Machine information Connect workstation to this machine via VPN Type Production Unit Last machine connection Serial number 135866458557 Comment Build year 1998 Manufacturer
52. vice Seats n S Premium Machine Package Machine connections tot includes 5 additional machines one time payment Machine connections ug Price 2000 00 Quantity 1 Add to Cart as a oie Machine connections avi Ordered Packages a Order date Order number Package Ordered by Figure 6 3 mGuard Secure Cloud public Request packages The available enhancements for your tariff can be selected and requested within the mGuard Secure Cloud public shopping cart by clicking the button Request Innominate Security Technologies 115003_en_02 Quick Guide 34 mGuard Secure Cloud public Version 2 3 EN Menu items 7 Menu items MGuard secure cloud Service Routing Machine Service Targets Machines Figure 7 1 Status indicator Service VPN tunnel active inactive Routing performed not performed Machine available unavailable 7 1 Service Targets Machines menu item Role Admin Provides all functions for setting up and administering service workstations Role All users Provides auxiliary functions for executing service tasks at the service workstation 7 2 Machines menu item Role Admin Provides all functions for setting up and administering operators locations and their machines Role All users Provides all functions for selecting the relevant operator location as well as initiating and executing ser vice tasks on the relevant machine 7 3 Administration menu item R
53. vice workstation Service target machine all all vy A all Your report CSV No PDF A from Service until Service duratiore Operator Location Service workstation 22 05 2015 10 26 07 22 05 2015 10 26 08 00 00 01 Berlin KBS_Service_1 22 05 2015 10 26 10 22 05 2015 10 29 47 00 03 37 Berlin KBS_Service_1 22 05 2015 14 13 36 22 05 2015 14 27 15 00 13 39 Berlin KBS_Service_2 Figure 7 2 mGuard Secure Cloud public Logbook 7 5 Preferences menu Item Role All users Provides all functions for individual adjustments to the user s work environment Function Change password Innominate Security Technologies 115003_en_02 Quick Guide 36 mGuard Secure Cloud public Version 2 3 EN Menu items 7 6 Contact link Role All users Clicking on the Contact link opens a contact form in a modal dialog box Use this form to contact our mGuard Secure Cloud Support Team directly 7 7 Language link Role All users Click on the Language German Language English or Language Italian link to switch the UI lan guage of the mGuard Secure Cloud public to English EN Italian IT or German DE 7 8 Help amp Support link Role All users Clicking on the Help link opens a dialog box where you can open or download a version of the Quick Guide in PDF format in your selected language The hotline phone numbers Premium Edition and e mail addresses are also listed here Innom
Download Pdf Manuals
Related Search