How to connect Security Console via a proxy using Active Directory (NTLM) authentication

Security for Virtualized Environments (SVE) by Bitdefender is the first comprehensive security solution for virtualized datacenters. The solution protects virtualized Windows, Linux, and Solaris systems, both servers and desktops. While integrated with VMware vShield, the unique architecture of the solution allows it to be leveraged when using any system virtualization offering.

This article describes how to configure Security Console to work with a proxy that uses Active Directory (NTLM) authentication. The article applies to SVE (Multi-Platform) 1.2.4.

• Overview
• Workaround

Overview

Starting with version 1.2.4, SVE (Multi-Platform) provides support for configuring SecurityConsole to connect via a proxy server using basic authentication or no authentication. Proxy settings can be configured in Security Console from the company account page.

For proxy servers that authenticate users against Active Directory, a workaround is available. The workaround works for the NTLM authentication method

Workaround

To enable Security Console to connect via a proxy server that uses Active Directory (NTLM) authentication, you must install a local proxy (cntlm) on the Security Console appliance. You will configure Security Console to connect to the local proxy and the local proxy to connect to the corporate proxy server that uses Active Directory (NTLM) authentication.

You can perform this setup immediately after deploying the appliance and configuring its network settings or at any time later on. Note that the appliance must have Internet access.

To install and configure the local cntlm proxy on the Security Console appliance:

1. Access the appliance console from your virtualization management tool (for example, vSphere Client). Alternatively, you can connect to the appliance via SSH.
2. Log in using the default credentials:
   • Username: administrator
   • Password: admin
3. Install cntlm by running the following command:
   $ sudo apt-get install cntlm

   Note
   Internet connection is required for apt-get to download the package. To set up a temporary Internet connection via a proxy server using basic authentication or no authentication, you can use one of the following commands, replacing the parameters in capital letters with the proxy details:

   • For a proxy server with basic authentication:
     $ export http_proxy="http://USER:PASSWORD@IP_PROXY:PORT"
   • For a proxy server with no authentication:
     $ export http_proxy="http://IP_PROXY:PORT"

   After installing cntlm, remove the proxy connection by running the following command:
   $ unset http_proxy

4. Edit the cntlm configuration file (/etc/cntlm.conf) and enter the details of the proxy server that uses Active Directory (NTLM) authentication:
   • Username
   • Domain
   • Password
   • Proxy
5. Reload the cntlm configuration by running the following command:
   $ sudo service cntlm restart
6. Check Internet connectivity (for example, ping a web address).

Once you have installed and configured cntlm on the Security Console appliance, configure Security Console to connect through the local proxy:

1. Log in to the Security Console web interface using your company account. If you connect for the first time (when performing initial setup), use the default credentials:
   • Username: default@company.com
   • Password: default
2. Go to the Accounts > My Account page (displayed by default at the first login, when performing initial setup).
3. Under Proxy Settings, you must select Use Proxy and configure settings as follows:
   • Enter localhost in the IP field and 3128 in the Port field.
   • Leave the Username and Password fields blank.
4. Click Submit to save changes.

1. 1
2. 1
3. 0
4. 1
5. 0