Using a Directory gateway for external access to Security Center (Basic, Advanced) - Security Center 5.9

Security Center Hardening Guide 5.9

series
Security Center 5.9
revised_modified
2020-11-30

Directory gateways allow Security Center applications on non-secured networks to connect to the main server that is behind a firewall.

What you should know

A Directory gateway is a Security Center server that acts as a proxy for the main server. A server cannot be both a Directory server and a Directory gateway; the Directory server must connect to the Directory database and, for security reasons, the Directory gateway must not.

Procedure

  1. From the Config Tool home page, open the System task, and click the Roles view.
  2. Select the Directory Manager () role, and then click the Directory servers tab.
  3. At the bottom of the server list, click Advanced ().
    An extra column, Gateway, opens in the list.
  4. At the bottom of the list, click Add an item ().
  5. In the dialog box that opens, select the server you want to add, and click Add.
  6. Add more servers to the list if necessary.
  7. Select the Gateway option on servers you want to use as Directory gateways.
    A Directory gateway must be located on the non-secured network. It does not need to access the Directory database, but it needs to connect to the main server. The following example shows a system with two Directory servers, one of which is the main server, and two Directory gateways.
    NOTE:
    • Load balancing only occurs between Directory servers. A user trying to connect to a Directory gateway will not be redirected to a Directory server, and vice versa.
    • The Disaster recovery option only applies to Directory servers, not to Gateways.

    Directory gateways

  8. Update your license to include the servers that you have just promoted to Directory gateways.
  9. Click Apply.