ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Managing Users, Authentication, and Certificates 9-17
v1.0, January 2010
3. Enter the settings as explained in Table 9-6.
4. Click Apply to save your settings.
Managing Digital Certificates
The UTM uses digital certificates (also known as X509 certificates) during the Internet Key
Exchange (IKE) authentication phase to authenticate connecting IPsec VPN gateways or clients,
or to be authenticated by remote entities. The same digital certificates are extended for secure web
access connections over HTTPS (that is, SSL connections).
Digital certificates can be either self-signed or can be issued by certification authorities (CAs) such
as an internal Windows server or an external organizations such as Verisign or Thawte.
However, if the digital certificates contain the extKeyUsage extension, the certificate must be used
for one of the purposes defined by the extension. For example, if the digital certificate contains the
extKeyUsage extension that is defined for SNMPV2, the same certificate cannot be used for
secure web management. The extKeyUsage would govern the certificate acceptance criteria on the
UTM when the same digital certificate is being used for secure web management.
Table 9-6. Edit User Settings
Setting Description (or Subfield and Description)
User Type From the pull-down menu, select one of the pre-defined user types that
determines the access credentials:
• Administrator. User who has full access and the capacity to change the
UTM configuration (that is, read/write access).
• SSL VPN User. User who can only log in to the SSL VPN portal.
• IPSEC VPN User. User who can only make an IPsec VPN connection via
a NETGEAR ProSafe VPN Client, and only when the XAUTH feature is
enabled (see “Configuring Extended Authentication (XAUTH)” on
page 7-38).
• Guest User. User who can only view the UTM configuration (that is, read-
only access).
Check to Edit Password Select this checkbox to make the password fields accessible to modify the
password.
Enter Your Password Enter the old password
New Password Enter the new password
Confirm New Password Re-enter the new password for confirmation.
Idle Timeout The period after which an idle user is automatically logged out of the Web
management interface. De default idle timeout period is 10 minutes.