Presentation
Based on WALLIX Trustelem
SAML - OpenID Connect
LDAP - Radius
WALLIX Authenticator
- Access Manager is compatible with SAML (recommended), LDAP and Radius
- The Bastion is compatible with LDAP and Radius
Architecture
Prerequisites
Setup
- Add a directory on Trustelem
  - Trustelem AD Connect: synchronize identities and authenticate AD users
- Add a proxy on Trustelem
  - Trustelem Connect: LDAP/Radius proxy for Bastion authentication
- Set up the Bastion on both the Trustelem and Bastion sides
- Set up the Access Manager on both the Trustelem and Access Manager sides
- Define the access rules
- Enroll the second factors
Available factors
- Trustelem Authenticator
  - Push notification
  - TOTP code
- TOTP Authenticator
  - For example: Google Authenticator, Microsoft Authenticator...
- SMS
  - Additional cost
  - Not available by default
- USB key
  - For SAML only (Access Manager)
  - For example, Yubico keys
Benefits
- Strong authentication for both Access Manager and Bastion: security
- Easy and quick to set up: time saving
- Improves the management of external users: time saving
- Can be extended for the authentication of other apps: with only a license change