Configuration - Celestix E6600 Installation Manual

4

Configuration

After the appliance has been installed on the network, settings need to be configured. General setup uses
a wizard to step through configuration in the web UI. Instructions cover the steps common to most
deployments, but again, an individual organization may require different or additional configuration.
For setup, the administrator needs access to the following resources:
• The external firewall (see
• The E Series appliance web UI
The section General Information
General Information
The following topics cover requirements, assumptions, and terminology used in the Celestix Edge E
Series Appliance Installation Guide.
Terminology Disambiguation
The following list explains how terms to describe components are used in documentation.
• On-premises domains are sometimes referred to as AD domains, but documentation uses the term
internal domain.
• Off-premises domains are sometimes qualified by the terms external or public, but documentation
uses the term federated domain.
• Servers configured with the role Active Directory Domain Services may be referred to as the
domain controller (DC) or designated by the acronym AD DS. The acronym AD is used as a
general referent for the internal domain directory.
• Unified Remote Access refers to the collection of technologies that Microsoft offers to allow
external clients to access internal network resources. Documentation uses the short name Remote
Access. The E Series includes the Remote Access features Direct Access, VPN, and Web
Application Proxy.
• The terms roles, services, and features are used to refer to Server 2012 R2 functionality for remote
connectivity.
• Remote Desktop Services (desktop virtualization) refers to the collection of technologies that
Microsoft offers to allow organizations to publish cloud resources. The E Series can be used for
the Remote Desktop Gateway (RD Gateway) and Remote Desktop Web Access (RD Web Access)
desktop virtualization server roles.
• Network Policy Server (NPS) is the Microsoft implementation of RADIUS authentication.
• Remote Access:
▪ DirectAccess – computer account security groups (security groups) can be created in AD to
manage client access efficiently by using group policy objects (GPOs).
▪ WAP – A federation service namespace is sometimes referred to as the ADFS or
authentication namespace, but documentation generally uses the shortened term federation
namespace. It is used as the Service Principle Name (Service Name) for ADFS. The
federation namespace is based on the FQDN that represents the SSL certificate Subject (or
Common Name).
• Work Folders:
▪ A Sync share is a collection of user folders that use the same policy settings.
▪ A Sync server has the Work Folders role installed. It can contain multiple sync shares.
▪ User account security groups (security groups) should be created in AD to manage folder
access efficiently by using group policy objects (GPOs).
22
Firewall Ports Reference)
provides necessary details to complete configuration.
E Series Installation Guide