| General
> Overview tab |
|
Name
|
Specifies a unique name for the user role.
|
Enter a name.
|
|
Description
|
Describes the user role.
|
Enter a brief description for the user role.
|
|
Session Options
|
Specifies the maximum session length, roaming capabilities,
and session persistence.
|
Select General > Session Options to apply the settings to the role.
|
|
UI Options
|
Specifies customized settings for the Infranet Controller
welcome page for Odyssey Access Client users mapped to this role.
|
Select General > UI Options to apply the settings to the role.
|
|
Odyssey Settings for IC Access
|
Specifies the Odyssey Access Client settings for Infranet
Controller access.
|
Select this option to apply the Odyssey Access Client
initial configuration settings.
|
|
Odyssey Settings for Preconfigured Installer
|
Specifies the Odyssey Access Client settings for the
preconfigured installer.
|
Select this option to apply the Odyssey Access Client
settings for the preconfigured installer.
|
| General
> Restrictions tab |
|
Source IP Restrictions
|
Specifies IP restrictions.
|
For Source IP restrictions, see "Configuring Infranet
Controller Source IP Access Restrictions (NSM Procedure)".
|
|
Browser Restrictions
|
Specifies Browser restrictions.
|
For Browser restrictions, see "Configuring Infranet Controller
Browser Access Restrictions (NSM Procedure)".
|
|
Certificate Restrictions
|
Specifies Certificate restrictions.
|
For Certificate restrictions, see "Configuring Infranet
Controller Certificate Access Restrictions (NSM Procedure)".
|
|
Host Checker Restrictions
|
Specifies Host Checker restrictions.
|
For Host Checker restrictions, see "Configuring Infranet
Controller Host Checker Access Restrictions (NSM Procedure)".
|
| General
> Session Options tab |
|
Max. Session Length (minutes)
|
Specifies the number of minutes an active nonadministrative
user session may remain open before ending. During an end-user session,
prior to the expiration of the maximum session length, the Infranet
Controller prompts the user to reenter authentication credentials,
which avoids the problem of terminating the user session without warning.
|
Enter the session length in minutes. The default is five
minutes, and the minimum is six minutes.
|
|
Heartbeat Interval (seconds)
|
Specifies the frequency at which the endpoint should
send out a heartbeat to the Infranet Controller to keep the session
alive. For agentless access, the browser refreshes the page with every
heartbeat.
|
Enter the heartbeat interval in seconds.
Users should not navigate away from the browser, as this interrupts
the heartbeat and ends the session. The Odyssey Access Client and
the Java agent respectively provide the heartbeat. You should ensure
that the heartbeat interval of the agent is greater than the Host
Checker interval, otherwise performance could be affected.
|
|
Heartbeat Timeout (seconds)
|
Specifies the amount of time that the Infranet Controller
should “wait” before terminating a session when the endpoint
does not send a heartbeat response.
|
Enter the heartbeat timeout in seconds.
|
|
Roaming session
|
-
Enabled—Enables roaming
user sessions for users mapped to this role. A roaming user session
works across source IP addresses, which allows mobile users (laptop
users) with dynamic IP addresses to sign in to the Infranet Controller
from one location and continue working from another. Disable this
feature to prevent users from accessing a previously established session
from a new source IP address. This helps protect against an attack
spoofing a user’s session, provided the hacker was able to obtain
a valid user's session cookie.
-
Limit to subnet—Limits
the roaming session to the local subnet specified in the Netmask field.
Users may sign in from one IP address and continue using their sessions
with another IP address as long as the new IP address is within the
same subnet.
-
Disabled—Disables roaming
user sessions for users mapped to this role. Users who sign in from
one IP address may not continue an active Infranet Controller session
from another IP address; user sessions are tied to the initial source
IP address.
|
Select to enable, limit, or disable the roaming session.
|
|
Roaming netmask
|
Displays the netmask for the local subnet.
|
Select to view the netmask for the local subnet.
|
| General
> UI Options tab |
|
Headers > Logo image
|
Displays the logo in the Infranet Controller welcome
page.
|
Browse to your custom image file.
|
|
Headers > Background color
|
Displays the background color for the header area of
the Infranet Controller welcome page.
|
Type the hexadecimal number for the background color,
or click the Color Palette icon and pick the desired color.
|
|
Greeting > Show notification message
|
Enables the notification text box.
|
Select the Show notification message check box (optional).
|
|
Greeting > Notification Message
|
Displays the notification message at the top of the Infranet
Controller welcome page.
|
Enter the message that you want to display.
You may format text and add links using the following HTML tags:
<i>, <b>, <br>, <font>, and <a href>. However, the
Infranet Controller does not rewrite links on the sign-in page (because
the user has not yet authenticated), so you should only point to external
sites. Links to sites behind a firewall will fail. You may also use
Infranet Controller system variables and attributes in this field.
- The length of the personalized greeting cannot exceed
12K or 12288 characters.
- If you use unsupported HTML tags in your custom message,
the Infranet Controller may display the end user’s Infranet
Controller home page incorrectly.
|
|
Other > Show copyright notice and ’Secured
by Juniper Networks’ label in footer
|
Displays the copyright notice and label in the footer.
|
Select the Show copyright notice and ’Secured
by Juniper Networks’ label in footers check box
(optional).
This setting applies only to those users whose license permits
disabling the copyright notice. For more information about this feature,
call Juniper Networks Support.
|
