LDAP Support for Centralized Authentication
Security is at the heart of many large organizations and the IT departments we engage with on a daily basis push us to meet their needs. As they’ve become more sophisticated in requirements for authentication we’ve kept in step. For a while now we’ve offered SAML and SSO for our web user interface. With the release of LDAP support, AppNeta customers can now enforce their own authentication policies across their AppNeta deployment. However, until now, AppNeta Monitoring Points were a locked-down physical or virtual appliance designed to operate stand-alone in all environments.
- Centralized control - AppNeta now folds into existing centralized policies around password length, complexity and schedule of change.
- No more sticky note - There are no new passwords to remember. Authorization groups control login rights.
- Better security visibility - The audit trail for monitoring point activity links to individuals through their central authentication identity.
Why we use Two Authentication Methods
AppNeta uses both SAML and LDAP because they are provide different types of security. As a secure external authentication mechanism SAML serves as web app authentication. In contrast, the AppNeta Monitoring Point is deployed within the customer environment, behind the firewall and has direct access to LDAP identity management systems. Both of these technologies can use the same LDAP or Active Directory source, but one is designed for external access and one is designed for internal access.
Start Using LDAP
To make use of the support all you need is an LDAPv3 compliant directory server that is accessible from the Monitoring Point itself. There must be an authorization group on that server containing the Monitoring Point administrators. For login attempts, the monitoring point accesses the LDAP server and search the correct authorization group. The default configuration is a great place to start for some customers, but the configuration of LDAP for AppNeta is simple.
AppNeta LDAP Workflow
Note for Existing Customers
LDAP is only available on our current generation of appliances–m35, v35 or r45. AppNeta will not be porting this functionality to previous generations. To devise an upgrade plan or to ask any further questions please reach out to your Customer Success Manager or email email@example.com.