SECUREMATRIX GSB

SECUREMATRIX is a highly secure, tokenless, one-time-password (OTP) authentication solution that is easy to use and cost effective. It uses a combination of location, sequence, and image pattern from a matrix table to generate a single-use password. SECUREMATRIX GSB server with SECUREMATRIX Authentication server substantially enhances the security of VPN/SSL-VPN endpoints, cloud based applications and resources, desktop/virtual desktop login, and web applications (Reverse proxy with OTP). It provides a solution that is compatible with PCs, Virtual Desktops, tablets, and smart phones.

Using the Citrix ADC SDX multitenant platform architecture in a software defined network, SECUREMATRIX’s strong authentication feature can be integrated with other tenants or cloud services delivered through the Citrix ADC, such as Web Interface, Citrix Virtual Apps and Desktops, and many other application services that require authentication.

For more information, seeSECUREMATRIX.

Provision a SECUREMATRIX GSB instance

SECUREMATRIX GSB requires a SECUREMATRIX Authentication server that must be configured outside the SDX appliance. Select exactly one interface and specify the network settings for only that interface.

Note:SR-IOV interfaces (1/x and 10/x) that are part of a channel do not appear in the list of interfaces. Channels are not supported on a SECUREMATRIX GSB instance.

Download an XVA image from the SECUREMATRIX website and upload it to the SDX appliance before you start provisioning the instance. For more information about downloading an XVA image, see the SECUREMATRIX website. Make sure that you are using Management Service build 118.7 or later on the SDX appliance.

On theConfigurationtab, navigate toSECUREMATRIX GSB > Software Images.

To upload an XVA image to the SDX appliance:

1. In the details pane, underXVA Files > Action, clickUpload.
2. In the dialog box that appears, clickBrowse, and then select the XVA file that you want to upload.
3. ClickUpload. The XVA file appears in the XVA Files pane.

To provision a SECUREMATRIX instance

1. On theConfigurationtab, navigate toSECUREMATRIX GSB > Instances.
2. In the details pane, clickAdd.
3. In theProvision SECUREMATRX GSB wizard, follow the instructions on the screen.
4. ClickFinish, and then clickClose.

After provisioning the instance, log on to the instance and perform a detailed configuration. For more information, see theSECUREMATRIXwebsite.

To modify the settings of a provisioned SECUREMATRIX instance, in theSECUREMATRIX Instancespane, select the instance that you want to modify, and then clickModify. In the Modify SECUREMATRIX GSB wizard, modify the parameters.

Note:If you modify any of the interface parameters or the name of the instance, the instance stops and restarts to put the changes into effect.

Generate a tar archive for submission to technical support. For information about generating a technical support file, seeGenerating a Tar Archive for Technical Support.

Back up the configuration of a SECUREMATRIX GSB instance and later use the backup data to restore the configuration of the instance on the SDX appliance. For information about backing up and restoring an instance, seeBacking Up and Restoring the Configuration Data of the SDX Appliance.

Monitor a SECUREMATRIX GSB instance

The SDX appliance collects statistics, such as the version ofSDXTools, the states of SSH and CRON daemons, and the Webserver state, of a SECUREMATRIX GSB instance.

To view the statistics related to a SECUREMATRIX GSB instance:

1. Navigate toSECUREMATRIX GSB > Instances.
2. In the details pane, click the arrow next to the name of the instance.

Manage a SECUREMATRIX GSB instance

You can start, stop, restart, force stop, or force restart a SECUREMATRIX GSB instance from the Management Service.

On theConfigurationtab, expandSECUREMATRIX GSB.

To start, stop, restart, force stop, or force restart an instance:

1. ClickInstances.
2. In the details pane, select the instance on which you want to perform the operation, and then select one of the following options:
   • Start
   • Shut Down
   • Reboot
   • Force Shutdown
   • Force Reboot
3. In the Confirm message box, clickYes.

Upgrade the SDX tools file for a SECUREMATRIX GSB instance

SDXTools, a daemon running on the SECUREMATRIX GSB instance, is used for communication between the Management Service and the instance.

UpgradingSDXToolsinvolves uploading the file to the SDX appliance, and then upgradingSDXToolsafter selecting an instance. You can upload anSDXToolsfile from a client computer to the SDX appliance.

To upload an SDXTools file:

1. In the navigation pane, expandManagement Service, and then clickSDXTools Files.
2. In the details pane, from theActionlist, selectUpload.
3. In theUpload SDXTools Filesdialog box, clickBrowse, navigate to the folder that contains the file, and then double-click the file.
4. ClickUpload.

To upgrade SDXTools:

On theConfigurationtab, expandSECUREMATRIX GSB.

1. ClickInstances.
2. In the details pane, select an instance.
3. From theActionlist, selectUpgrade SDXTools.
4. In theUpgrade SDXToolsdialog box, select a file, clickOK, and then clickClose.

Upgrade and downgrade a SECUREMATRIX GSB instance

The process of upgrading the SECUREMATRIX GSB instance involves uploading the software image of the target build to the SDX appliance, and then upgrading the instance. Downgrading loads an earlier version of the instance.

On theConfigurationtab, expandSECUREMATRIX GSB.

To upload the software image:

1. ClickSoftware Images.
2. In the details pane, from theActionlist, selectUpload.
3. In the dialog box, clickBrowse, navigate to the folder that contains the build file, and then double-click the build file.
4. ClickUpload.

To upgrade the instance:

1. ClickInstances.
2. In the details pane, select an instance.
3. From theActionlist, selectUpgrade.
4. In the dialog box that appears, select a file, clickOK, and then clickClose.

To downgrade an instance:

1. ClickInstances.
2. In the details pane, select an instance.
3. From theActionlist, selectDowngrade.
4. In the Confirm message box, clickYes.

Troubleshoot a SECUREMATRIX GSB Instance

Ping a SECUREMATRIX GSB instance from the Management Service to check whether the device is reachable. You can trace the route of a packet from the Management Service to an instance to determine the number of hops involved in reaching the instance.

Rediscover an instance to view the latest state and configuration of an instance. During rediscovery, the Management Service fetches the configuration and the version of the SECUREMATRIX GSB running on the SDX appliance. By default, the Management Service schedules instances for rediscovery once every 30 minutes.

On theConfigurationtab, expandSECUREMATRIX GSB.

To ping an instance:

1. ClickInstances.
2. In the details pane, select the instance that you want to ping, and from theActionlist, clickPing. The Ping message box shows whether the ping is successful.

To trace the route of an instance:

1. ClickInstances.
2. In the details pane, select the instance for which you want to trace the route, and from theActionlist, clickTraceRoute. The Traceroute message box displays the route to the instance.

To rediscover an instance:

1. ClickInstances.
2. In the details pane, select the instance that you want to rediscover, and from theActionlist, clickRediscover.
3. In the Confirm message box, clickYes.