EEVI Client Access User Guide Hardtoken

EEVI Client Access User Guide Hardtoken

EAB-09:086027 Uen Rev E


EAB-09:086027 Uen Rev E 2011-02-22 Ericsson AB 2010Ericsson Internal

2 (14)

Contents1 Introduction ..........................................................................................31.1 Information about this document.............................................................3

2 Quick Guide ..........................................................................................4

3 Signing in..............................................................................................53.1 Log on First Time....................................................................................83.2 Initial Password Change.........................................................................8

4 If you forget the PIN-code ....................................................................9

5 Installation of Needed Components....................................................95.1 Windows 2000 Client..............................................................................95.2 Windows XP Client ...............................................................................105.3 Start Network Connect .........................................................................10

6 Signing out..........................................................................................11

7 Ericsson IT Service desk ...................................................................12

8 After logon more info ......................................................................12

9 System requirements .........................................................................129.1 Supported platforms/Operating Systems ..............................................129.1.1 Supported browsers and Java versions ................................................139.2 Internet explorer security setting...........................................................139.3 Known issues & application conflicts ....................................................14

Revision & StatusDate Rev. Status / Reason Author

2009-12-01 PA1 New Document started, importing major parts from older doc.

Carlos Leon C

2009-12-28 B Document updated, text in Italic is being phased out.

Carlos Leon C

2010-04-23 PB4 Added new document template Henrik Larsson L

2011-01-18 PB7 Updated with gw and other info Carlos Leon C



3 (14)

1 IntroductionThis instruction is aimed for external partners that have been assigned a Third Party Connection (TPC) based on the Extended Enterprise via Internet solution (EEVI).

The solution will grant the user access to approved applications at Ericsson according to the business agreement between the companies and Ericsson Security Directives.

1.1 Information about this documentThis document starts with a quick guide (heading 2) on how to connect to Ericsson. If you want a more thorough instruction go directly to heading 3 Signing in.

You may need to contact your own local IT-support to be able to verify that yourdesktop is compliant for this solution. For more information around compliance see heading 9, system requirements.



4 (14)

2 Quick GuideThis is a quick guide of how to connect to Ericsson Corporate Network for partners. If you fail to connect, try to go through the steps under heading 3.

Close all your applications on your desktop

Start your web browser and enter the URL in which region you shall connect. Please only use the url assigned to you from Connection Owner or your Ericsson contact. You will not be able to use any other portal than the one assigned to you as your profile only exists on one portal:

https://partner.se.ericsson.net (for access in Europe, Africa, Middle East)

https://partner.my.ericsson.net (for access in Asia, Pacific)

https://partner.us.ericsson.net (for access in Americas)

https://partner.au.ericsson.net (for access in Australia)

https://partner.cn.ericsson.net (for access in China)

https://partner.in.ericsson.net (for access in India)

Enter your login credentials, username, domain (where applicable, some portals is updated and no domain needed), password and strong authentication method.

On the next page enter your one time password provided by your token.

FIRST time you login you will be asked to accept the download of a small active X program that needs to run on your desktop. Accept this installation.

FIRST time you login you will be asked to change your password. You will be asked to change it.

After a successful login sequence you will be prompted a page where you can start the Network Connect session to Ericsson. Click start and you will be connected.



5 (14)

3 Signing in1. Start the signing in process by shutting down running applications that

can be effected by this new network connection. Your client will lose connectivity with your local network during the time you stay connected to Ericsson.

2. Start your web browser and enter the URL in which region you shall connect. Please only use the URL assigned to you from Connection owner or your Ericsson contact. You will not be able to use any other portal than the one assigned to you as your profile only exists on one portal:

https://partner.se.ericsson.net (for access in Europe, Africa, Middle East)

https://partner.my.ericsson.net (for access in Asia, Pacific)

https://partner.us.ericsson.net (for access in Americas)

https://partner.au.ericsson.net (for access in Australia)

https://partner.cn.ericsson.net (for access in China)

https://partner.in.ericsson.net (for access in India)



6 (14)

Your browser will display the below page for NTLM and Domain version:

Your browser will display the below page for LDAPS-realm and non-domainversion:



7 (14)

3. Write your user name and choose the domain(where applicable, some portals is updated and no domain needed) that your account belongs to (eemea for Europe, eapac for Asia/Pacific or eamcs for Americas).

4. Enter your domain Password and Strong authentication method HARDTOKEN/SOFTTOKEN (EEVI-NTLM/LDAPS)

5. Click the Continue Authentication button.

You will be prompted to change your domain-password on regular basis. Be sure to remember it! If you have forgotten or locked your account, please contact Ericsson IT Service desk to reset password.

6. Read the non disclosure agreement and enter your One-Time Password provided by your hard token card. If you using Hard token without keypad, you will first enter code from hard token followed by pin code provided by email.

7. Click Sign In button.

8. When authentication is approved, a host checker will be downloaded to your host verifying you match the criteria for your profile. This could be Anti-Virus, correct Source-IP etc. Please verify that Antivirus is updated, Host-Firewall running and that you are coming from the correct Source IP agreed upon initial setup of EEVI.

Please accept all pop-up and active X from partner.xx.ericsson.net

9. If you are denied access and are redirected back to first logon page, please verify the points in step 8.



8 (14)

3.1 Log on First TimeWhen you log on to the service for the first time you need to change the password that you initially received. You also need to permit an ActiveX Component to be downloaded and installed.

3.2 Initial Password ChangeIn order to secure your Ericsson credentials you are forced to change your initial password. During your first login, you will be brought to the change password page as shown below.

Note! A password has an expiration time of 60 days due to security reasons. Your account will also be locked in the event of three (3) consecutive invalid logs in attempts. Expired means that the password is old and needs to be changed.

If your password has been locked or expired, please contact your IT Service desk to have it unlocked (password reset).

The password must be at least 8 characters in length, and requires that

- It has note been used in the 10 previous passwords

- Does not contain your account or full name

- Password must match below character groups criteria:

At least 1 English UPPERCASE characters (A through Z)

At least 1 English lowercase characters (a through z)

At least 1 Numerals (0 through 9)

Cannot contain Non-alphabetic characters (such as !, $, %)

- Only 1 password change per day is allowed.

After changing your password successfully, you will be brought back to the login screen with the message:



9 (14)

Now log in again, using your new credentials.

4 If you forget the PIN-codeIf you forget the PIN-code you must call Ericsson Service Desk in order to get a new one. The process for this follows the common routine when password and PIN-code are lost.

5 Installation of Needed ComponentsThe first time you login using your new credentials, you will be asked to permit an ActiveX component to be installed. This component is needed in order to use the service. The request to permit the installation is different dependent on if you are using Windows 2000, Windows XP, Vista or Windows 7.

5.1 Windows 2000 ClientIf you are accessing from a Windows 2000 client, the below dialog box will appear:

Click Yes and wait while the needed components are downloaded and installed.



10 (14)

5.2 Windows XP ClientIf you are accessing from a Windows XP client, a yellow information bar and a dialog box appear in your browser the first time you log in.

Please see displayed notifications as shown in the pictures below.

Click the yellow bar and select Install ActiveX Control.

5.3 Start Network ConnectAfter signing in successfully, a menu will appear as below.

Click Start to set up the connection to Ericsson. At first set up, a small application will be downloaded and configured on your PC.

Please note that you will only have limited connectivity to your local network when you are connected to Ericsson. You can check your connection status by clicking the network connect symbol on the task bar.



11 (14)

6 Signing outWhen finishing your session, you should always log out from the service and the SSL/VPN connection.

This is done by clicking the Sign Out button with the door-icon available on the toolbar in the upper-right corner.

Your logging off will be confirmed when the following page is displayed, informing you that the session has been terminated. For security reasons you should also shut down your web browser.

You can log in again from this page by clicking the line Sign in to the gateway again. The log on procedure will then start from the beginning.

Idle time-out will be put into effect after 30 minutes.



12 (14)

The max session length is 12 hours after that new log in procedure is necessary.

Please note. It can take up to one minute until you will regain full access to your local area network after signing out.

7 Ericsson IT Service deskFor problems with the account or general signing in questions. Please contact Ericsson IT Service desk.

8 After logon more infoFor more information about the TPC partner solutions and guidelines, please access

http://prodcatit.internal.ericsson.com/Default.asp?ArticleId=B34B1A82-9195-48A6-BE68-E34073FF7A6D&ArticleType=ProductHP&LNav=Other&ContentId=1DC9BC7C-A585-4400-BE41-A7F594205CA4&N=

9 System requirementsTo be able to use the SSL/VPN solution provided for partners to access Ericsson internal systems you will need the following:

Signum at Ericsson (e.g. Userid)

Domain account in Ericsson Active Directory

One time password token (Hardtoken/SMS-token)

Supported platform as below, with local admin rights

An active updated anti virus protection program running on the client.

9.1 Supported platforms/Operating Systems- Windows XP

- Windows 2000

- Windows Vista



13 (14)

- Windows 7

9.1.1 Supported browsers and Java versions

- Internet Explorer 8.0 (Wherever applicable)

- Firefox 3.0

- Sun JRE 5/1.5.07 and above

- Microsoft JVM for Windows 2000

9.2 Internet explorer security settingTo be able to run this service you will need to have a security level in your browser that allows you to install ActiveX components. The security level needs to be medium or lower if you use Internet Explorer. See picture below.



14 (14)

9.3 Known issues & application conflictsSome applications are known to conflict with this solution. The solution will not work with any of the software below installed on the client.

Example of known application-conflicts.

Cisco VPN client

Checkpoint security agent

ORICAD with USB license token.

iTunes Bonjour

EEVI Client Access User Guide Hardtoken.docIntroductionInformation about this document

Quick GuideSigning inLog on First TimeInitial Password Change

If you forget the PIN-codeInstallation of Needed ComponentsWindows 2000 ClientWindows XP ClientStart Network Connect

Signing outEricsson IT Service deskAfter logon more infoSystem requirementsSupported platforms/Operating SystemsSupported browsers and Java versions

Internet explorer security settingKnown issues & application conflicts

EEVI Client Access User Guide Hardtoken

Documents

Transcript of EEVI Client Access User Guide Hardtoken