SECUREMATRIX GSB
SECUREMATRIX is a highly secure, tokenless, one-time-password (OTP) authentication solution that is easy to use and cost effective. It uses a combination of location, sequence, and image pattern from a matrix table to generate a single-use password. SECUREMATRIX GSB server with SECUREMATRIX Authentication server substantially enhances the security of VPN/SSL-VPN endpoints, cloud based applications and resources, desktop/virtual desktop login, and web applications (Reverse proxy with OTP). It provides a solution that is compatible with PCs, Virtual Desktops, tablets, and smart phones.
Using the NetScaler SDX multitenant platform architecture in a software defined network, SECUREMATRIX’s strong authentication feature can be integrated with other tenants or cloud services delivered through the Citrix ADC, such as Web Interface, Citrix Virtual Apps and Desktops, and many other application services that require authentication.
Provision a SECUREMATRIX GSB instance
SECUREMATRIX GSB requires a SECUREMATRIX Authentication server that must be configured outside the SDX appliance. Select exactly one interface and specify the network settings for only that interface.
Note: SR-IOV interfaces (1/x and 10/x) that are part of a channel do not appear in the list of interfaces. Channels are not supported on a SECUREMATRIX GSB instance.
Download an XVA image from the SECUREMATRIX website and upload it to the SDX appliance before you start provisioning the instance. For more information about downloading an XVA image, see the SECUREMATRIX website. Make sure that you are using Management Service build 118.7 or later on the SDX appliance.
On the Configuration tab, navigate to SECUREMATRIX GSB > Software Images.
To upload an XVA image to the SDX appliance:
- In the details pane, under XVA Files > Action, click Upload.
- In the dialog box that appears, click Browse, and then select the XVA file that you want to upload.
- Click Upload. The XVA file appears in the XVA Files pane.
To provision a SECUREMATRIX instance
- On the Configuration tab, navigate to SECUREMATRIX GSB > Instances.
- In the details pane, click Add.
- In the Provision SECUREMATRX GSB wizard, follow the instructions on the screen.
- Click Finish, and then click Close.
After provisioning the instance, log on to the instance and perform a detailed configuration.
To modify the settings of a provisioned SECUREMATRIX instance, in the SECUREMATRIX Instances pane, select the instance that you want to modify, and then click Modify. In the Modify SECUREMATRIX GSB wizard, modify the parameters.
Note: If you modify any of the interface parameters or the name of the instance, the instance stops and restarts to put the changes into effect.
Generate a tar archive for submission to technical support. For information about generating a technical support file, see Generating a Tar Archive for Technical Support.
Back up the configuration of a SECUREMATRIX GSB instance and later use the backup data to restore the configuration of the instance on the SDX appliance. For information about backing up and restoring an instance, see Backing Up and Restoring the Configuration Data of the SDX Appliance.
Monitor a SECUREMATRIX GSB instance
The SDX appliance collects statistics, such as the version of SDXTools
, the states of SSH and CRON daemons, and the Webserver state, of a SECUREMATRIX GSB instance.
To view the statistics related to a SECUREMATRIX GSB instance:
- Navigate to SECUREMATRIX GSB > Instances.
- In the details pane, click the arrow next to the name of the instance.
Manage a SECUREMATRIX GSB instance
You can start, stop, restart, force stop, or force restart a SECUREMATRIX GSB instance from the Management Service.
On the Configuration tab, expand SECUREMATRIX GSB.
To start, stop, restart, force stop, or force restart an instance:
- Click Instances.
- In the details pane, select the instance on which you want to perform the operation, and then select one of the following options:
- Start
- Shut Down
- Reboot
- Force Shutdown
- Force Reboot
- In the Confirm message box, click Yes.
Upgrade the SDX tools file for a SECUREMATRIX GSB instance
SDXTools
, a daemon running on the SECUREMATRIX GSB instance, is used for communication between the Management Service and the instance.
Upgrading SDXTools
involves uploading the file to the SDX appliance, and then upgrading SDXTools
after selecting an instance. You can upload an SDXTools
file from a client computer to the SDX appliance.
To upload an SDXTools file:
- In the navigation pane, expand Management Service, and then click SDXTools Files.
- In the details pane, from the Action list, select Upload.
- In the Upload SDXTools Files dialog box, click Browse, navigate to the folder that contains the file, and then double-click the file.
- Click Upload.
To upgrade SDXTools:
On the Configuration tab, expand SECUREMATRIX GSB.
- Click Instances.
- In the details pane, select an instance.
- From the Action list, select Upgrade SDXTools.
- In the Upgrade SDXTools dialog box, select a file, click OK, and then click Close.
Upgrade and downgrade a SECUREMATRIX GSB instance
The process of upgrading the SECUREMATRIX GSB instance involves uploading the software image of the target build to the SDX appliance, and then upgrading the instance. Downgrading loads an earlier version of the instance.
On the Configuration tab, expand SECUREMATRIX GSB.
To upload the software image:
- Click Software Images.
- In the details pane, from the Action list, select Upload.
- In the dialog box, click Browse, navigate to the folder that contains the build file, and then double-click the build file.
- Click Upload.
To upgrade the instance:
- Click Instances.
- In the details pane, select an instance.
- From the Action list, select Upgrade.
- In the dialog box that appears, select a file, click OK, and then click Close.
To downgrade an instance:
- Click Instances.
- In the details pane, select an instance.
- From the Action list, select Downgrade.
- In the Confirm message box, click Yes.
Troubleshoot a SECUREMATRIX GSB Instance
Ping a SECUREMATRIX GSB instance from the Management Service to check whether the device is reachable. You can trace the route of a packet from the Management Service to an instance to determine the number of hops involved in reaching the instance.
Rediscover an instance to view the latest state and configuration of an instance. During rediscovery, the Management Service fetches the configuration and the version of the SECUREMATRIX GSB running on the SDX appliance. By default, the Management Service schedules instances for rediscovery once every 30 minutes.
On the Configuration tab, expand SECUREMATRIX GSB.
To ping an instance:
- Click Instances.
- In the details pane, select the instance that you want to ping, and from the Action list, click Ping. The Ping message box shows whether the ping is successful.
To trace the route of an instance:
- Click Instances.
- In the details pane, select the instance for which you want to trace the route, and from the Action list, click TraceRoute. The Traceroute message box displays the route to the instance.
To rediscover an instance:
- Click Instances.
- In the details pane, select the instance that you want to rediscover, and from the Action list, click Rediscover.
- In the Confirm message box, click Yes.