Order the SecureAuth IdP appliance (virtual or hardware)
Receive the Shipment Notification email from SecureAuth
Acquire the appliance
(If virtual) Download the virtual appliance image
(If hardware) Receive the hardware appliance
Prepare for the Pre-deployment Meeting
The keys to a successful deployment are thorough planning and preparation of the network environment where the appliance will live before beginning the installation, and a good understanding of what functions the appliance will be expected to perform. Your Sales Engineer (SE) will assist with this process during a Pre-deployment Meeting, working with you to define the intended functionality of the appliance, prepare the environment, and decide on initial settings.
Topics you should be prepared to discuss during the Pre-deployment Meeting are listed below.
What do you want the SecureAuth IdP appliance to do? SecureAuth IdP can perform multiple functions. Talk through the project with your SE to establish your goals for the appliance. Knowing what you expect the appliance to do will inform all the next steps and decide which further questions need to be answered.
What types of realms do you need? At a high level, each realm can provide one of 3 functions:
Single Sign-on (to both internal and external applications)
Identity Management and User Self-service
What database will the appliance connect to? SecureAuth IdP does not maintain its own database; instead, it connects to your existing company database in order to maintain the security of members' personally identifiable information (PII). The appliance can connect to nearly any LDAP or SQL-based database out of the box (Active Directory is by far the most common). If needed, the Custom Development team can often write connectors to databases that are not natively supported.
Where on your network will the appliance live? The location is always driven by the customer's network topology and security policies; the appliance is highly flexible in this regard. The primary concern here is understanding how communications between SecureAuth and the user database, the device or application, and the client systems will work.
How many and what kind of firewalls exist on your network? SecureAuth IdP requires certain ports to be opened between the appliance and the network in order to function.
SecureAuth's recommendation is No, unless explicitly required.
Do you need reporting/logging capability? If so, then you will need to ensure that the appliance can talk to your reporting database.
Technology owners/Points of contact
Who is responsible for install & power-up of the appliance? Who is responsible for connecting the appliance to the network? Who is responsible for running & maintaining the appliance once deployed?
In many cases there are different teams responsible for these phases of deployment. Knowing this ahead of time greatly helps the SE facilitate useful communication among all parties.
Requirements Before Deploying
The items listed below need to be completed before beginning your installation.
If possible, bring or make available a copy of your company's network document to the Pre-deployment Meeting.. This will help the SE gain a clearer understanding of how the appliance is going to fit into your network.
Consult with your IT or Database team and request configuration and connection details for the company's database. Bring this information with you to the Pre-deployment Meeting.
Determine Network Details
Before or during the Pre-deployment Meeting, you need to make several decisions regarding how you will add the appliance to the network, including:
Static IP vs. DHCP dynamic allocation
Before continuing, open the required ports for each firewall on your network that stands between the appliance and the network, which include the Windows Advanced Firewall and any additional corporate firewalls on your network.
If you require ICMP or additional ports and protocols for your environment, please work with your SE to properly complete the setup.