IDP activation

kyssling
Hello, I have found that I am missing an active IDP setting in the Security Policy. Could someone please advise me whether IDP is generally set in the "WAN to LAN" line, and whether to just activate IDP?
Should I possibly prepare for the possibility of some non-functional services (RDP ...) after this activation?
Thank you for your help!

All Replies

  • dkyeager
    What model and firmware version are you using?
  • BrownB
    An identity provider (IdP) is a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users.
  • Emerald
    kyssling said:
    Hello, I have found that I am missing an active IDP setting in the Security Policy. Could someone please advise me whether IDP is generally set in the "WAN to LAN" line, and whether to just activate IDP?
    Should I possibly prepare for the possibility of some non-functional services (RDP ...) after this activation?
    Thank you for your help!
    Hey, I've witnessed this. I have all services activated & licensed, but when you create a security policy you can choose ADP, content filter, SSL, some other one, but no IDP.

    I figured I missed something; I plan to go back to look at this with more time next week.

    (was a FLEX 200 BTW)

  • kyssling
    Hi, I use a Zyxel USG110 with FW:V4.70(AAPH.0)ITS-WK46-r102519 and mean IDP here ...
     
  • Zyxel_James
    You may create a security rule for the IDP profile that blocks the service from WAN to LAN.
     
    If you are concerned that the RDP service will be blocked when IDP is activated, you may edit the Signature Group of the IDP profile and inactivate the RDP service.

    Or if you are concerned that the other services will be blocked, you can create an IDP profile and set action to "none" and "log" to detect which related service is used, then inactivate the service in the IDP profile.


    BR,
    James
  • kyssling
    Hello, does someone have it turned on in practice?
    We use only RDP over VPN ... Thank you ...
  • kyssling
    Does anyone have experience with checked IDP? Vaclav
  • @kyssling, you may try inactivating the RDP service in the IDP profile. RDP over VPN is feasible.
  • kyssling
    Thank you, and do you use it in a real environment?
  • @kyssling, yes, I have a VPN scenario that connects to the USG110 through IPsec VPN and enables the IDP profile in which the RDP service is inactive. It works.

