Deep Discovery Analyzer 6.9 Online Help

Collapse AllExpand All
  • account management [1]
  • Activation Code [1]
  • Active Directory Federation Services (AD FS) [1]
  • AD FS [1]
  • administration [1]
    • file passwords [1]
  • Advanced Threat Scan Engine [1] [2]
  • alerts [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16]
  • API key [1]
  • ATSE [1] [2]
  • average Virtual Analyzer queue time alert [1]
  • C&C list [1]
  • components [1]
  • configuration
    • management console [1]
  • contact management [1]
  • CPU usage alert [1]
  • critical alerts [1] [2]
  • customized alerts and reports [1]
  • dashboard [1] [2]
  • Deep Discovery Malware Pattern [1] [2]
  • detected message alert [1]
  • detection surge alert [1]
  • disk space alert [1]
  • documentation feedback [1]
  • email scanning
    • file passwords [1]
  • exceptions [1]
  • file passwords [1]
  • generated reports [1]
  • getting started
    • management console [1]
  • getting started tasks [1]
  • HTTPS certificate [1]
    • geenrate a certificate signing request [1]
    • import and replace certificate [1]
  • ICAP [1]
    • headers [1]
    • MIME content-types [1]
    • settings [1]
  • ICAP integration [1]
  • identity provider [1]
    • configure [1]
    • federation metadata file [1]
  • image import tool [1]
  • images [1] [2] [3]
  • important alerts [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]
  • import image [1]
  • informational alerts [1]
  • integration with other products [1]
  • IntelliTrap Exception Pattern [1] [2]
  • IntelliTrap Pattern [1] [2]
  • Internet Content Adaptation Protocol (ICAP) [1]
  • license [1]
  • license expiration alert [1]
  • log settings [1]
  • management console [1]
    • navigation [1]
    • session duration [1]
  • management console accounts [1]
  • message delivery alert [1]
  • Network Content Correlation Pattern [1]
  • Network Content Inspection Engine [1]
  • Network Content Inspection Pattern [1]
  • notification parameters [1]
  • OAuth 2.0 [1]
  • Okta [1]
  • on-demand reports [1]
  • preconfiguration console [1]
  • processing surge alert [1]
  • product integration [1]
  • reports [1] [2]
    • on demand [1]
  • report schedules [1]
  • SAML authentication [1]
    • Configuration overview [1]
    • Supported identity providers [1]
  • SAML integration
    • configuring identify provider settings [1]
  • sandbox analysis [1] [2]
  • sandbox error alert [1]
  • sandbox images [1] [2] [3]
  • sandbox instances [1]
  • sandbox management [1]
    • archive passwords [1]
    • images [1]
    • image status [1]
    • network connection [1] [2]
    • Virtual Analyzer status [1]
  • sandbox queue alert [1]
  • Script Analyzer Pattern [1]
  • Security Assertion Markup Language (SAML) [1]
  • service provider [1]
    • certificate [1]
    • metadata file [1]
  • service stopped alert [1]
  • Spyware/Grayware Pattern [1]
  • submissions [1]
  • support
    • resolve issues faster [1]
  • suspicious objects [1]
  • syslog server [1]
  • syslog settings
    • syslog server [1]
  • system maintenance [1]
    • back up tab [1]
      • configuration settings backup [1]
      • data backup [1]
    • cluster tab
    • nodes list [1]
    • restore tab [1]
  • system settings [1]
    • Network Tab [1]
    • Password Policy Tab [1]
    • power off / restart tab [1]
    • Proxy Tab [1]
    • Session Timeout Tab [1]
    • Time Tab [1]
  • tabs [1]
  • third-party licenses [1]
  • TLS [1]
  • tools [1]
  • unreachable relay MTA alert [1]
  • update completed surge [1]
  • update failed alert [1]
  • updates [1]
    • components [1]
    • firmware [1]
    • update settings [1]
  • Virtual Analyzer [1] [2]
    • file passwords [1]
    • image import tool [1]
    • import image [1] [2]
  • Virtual Analyzer Configuration Pattern [1]
  • Virtual Analyzer Sensors [1]
  • watchlist alert [1]
  • widgets [1] [2]
  • YARA rule file

Configuring Okta Parent topic

Okta is a standards-compliant OAuth 2.0 authorization server that provides cloud identity solutions for your organization. Okta is a single sign-on provider that allows you to manage user access to Deep Discovery Analyzer.
This section describes how to configure Okta as a SAML (2.0) identity provider for Deep Discovery Analyzer to use.
Before you begin configuring Okta, make sure that:
  • You have a valid subscription with Okta that handles the sign-in process and that eventually provides the authentication credentials to the Deep Discovery Analyzer management console.
  • You are logged on to the management console as a Deep Discovery Analyzer administrator.

Procedure

  1. Log in to your Okta organization as a user with administrative privileges.
  2. Click Admin in the upper right, and then navigate to ApplicationsApplications.
  3. Click Add Application, and then click Create New App.
    The Create a New Application Integration screen appears.
  4. Select Web as the Platform and SAML 2.0 as the Sign on method, and then click Create.
  5. On the General Settings screen, type a name for Deep Discovery Analyzer in App name, for example, "Deep Discovery Analyzer", and click Next.
  6. On the Configure SAML screen, specify the following:
    1. Type the Deep Discovery Analyzer address in the Single sign on URL field.
    2. Select Use this for Recipient URL and Destination URL.
    3. Specify the Audience URI in Audience URI (SP Entity ID) based on your serving site:
    4. For Assertion Encryption, select Encrypted.
    5. For Encryption Certificate, click Browse files to select the certificate file that you obtained from Deep Discovery Analyzer.
      For more information, see Service Provider Metadata and Certificate.
    6. In the Group Attribute Statements (Optional) section, specify the following:
      • Name: DDAN_groups
      • Filter: Matches regex ^(.*)*$
    7. Click Next.
  7. On the Feedback screen, click I'm an Okta customer adding an internal app, select This is an internal app that we have created, and then click Finish.
    The Sign On tab of your newly created Deep Discovery Analyzer application appears.
  8. Click Identity Provider Metadata to download the metadata file from Okta.
    Note
    Note
    Import this metadata file to Deep Discovery Analyzer.
  9. Assign the application to groups and add people to groups.
    1. Select DirectoryGroups.
    2. Click the groups that you want to assign the application to, and then click Manage Apps.
      The Assign Applications screen appears.
    3. Locate Deep Discovery Analyzer you added and click Assign.
    4. Click Manage People.
      The Add People to Groups screen appears.
    5. Locate the user you want to allow access to Deep Discovery Analyzer and add the user to the Deep Discovery Analyzer group.
    6. Confirm that the application is assigned to the user and group.
      After assigning an application to a group, the system automatically assigns the application to all users in the group.
    7. Repeat the above steps to assign the application to more groups as necessary.
    You are now ready to configure Okta for single sign-on and create the required SAML groups in the Deep Discovery Analyzer management console.