Agilicus AnyX
Product Guide
Individual product guide pages are laid out below as cards. These are intended to be linked and navigated within the Agilicus AnyX administrative web interface, but are available here for reference.
For information on embedding the Agilicus AnyX platform into your workflow or product, see also the API and SDK.
See, follow, subscribe to a set of articles on tips, tricks, best practices on using Agilicus AnyX, or, see the Frequently Asked Questions (FAQ).
A set of Examples are also available.
-
Agilicus Connector High Availability
Install and Operate the Agilicus Connector in a high-availability, high-resilience mode.
-
Agilicus VAR and Supporting Companies
Create and operate your own customers under your Agilicus Organisation as a VAR or other supporting company.
-
Agilicus Connector – GL-MT3000 (Beryl AX)
Install an Agilicus Connector on an OpenWRT-based GL-MT3000 Beryl AX
-
Sub Organisation Issuer
You can now create an issuer for a suborganisation from a parent organisation. Doing so will bring up a new admin/profile endpoint for the suborganisation, at the suborganisation’s subdomain. E.g. admin.suborg.myorg.cloud.
-
Resource Labels
Resource Labels are used to create hierarchy, grouping. Use them to create folders in Profile.
-
Agilicus Connector – Snap
Install an Agilicus Connector on a Snap-based Ubuntu Core system. Agilicus Connector – Snap
-
Cisco IOx Zero Trust Connector Install
Cisco IOx Zero Trust . Configure a Cisco IR1101 IOx with Agilicus Connector. Zero Trust Remote Access to it, to IoT beyond it.
-
Agilicus Connector – Export Certificate
Have a local resource that should be properly TLS encrypted and publicly trusted certificate? The Agilicus Connector can facilitate this.
-
Applications
Agilicus Web Applications: any web page or API, any user, no VPN, full web-application-firewall authentication
-
Moxa UC-8200 Zero-Trust Connector Install
Moxa UC-8200 Zero-Trust. Configure a Moxa UC-8200 Industrial PC with the Agilicus Agent Connector.
-
Authentication Issuer – Onsite Identity
An Authentication Issuer holds and confirms Identity. Configure your own custom ones here.
-
Agilicus AnyX Frequently Asked Questions
Agilicus AnyX Frequently Asked Questions. Configuration, Operation, Use..
-
VNC Desktop
The VNC Desktop feature allows browser-based use of remote graphical-oriented resources. This can include traditional operating systems like Windows, Linux, MacOS, but, also, includes embedded devices such as HMI.
-
Signup: Firewall Configuration
Restrictive firewalls (e.g. Palo Alto SSL) may filter by SNI (hostname) in outbound direction and break Signup. See how to configure.
-
Real VNC & Raspberry Pi
The Raspberry PI (with Raspbian) comes pre-installed with a VNC-like server. This can be configured to support standard authentication and used via Agilicus Any-X
-
Connect to VTScada – Adding a Web Application
Learn how to add an application to the Agilicus platform and connect to VTScada through a zero trust model
-
Administrative Users
Administrative users are assigned via System Groups (sysgroups). These allow you to control who can make changes, to what objects.
-
Audit Destinations
Audit records are written for events ranging from authentication, authorisation, and API access. Configure how to receive these.
-
Define Application: Proxy
An Identity-Aware Web Application operates as a proxy, bringing identity, authentication, authorisation on behalf of web applications.
-
Auto-Create Users From Specific Domain With Google Workplace
Create a customised Sign In With Google (for e.g. Workplace with auto-create users)
-
Authentication Audit
Authentication audit shows events related to user identity, each step, multi-factor, policies, locations, etc. E.g. ‘sign-in’ obtain id token.
-
Authentication Issuer – Custom Identity
An Authentication Issuer holds and confirms Identity. Configure your own custom ones here.
-
Service Accounts
A service account is a specific subset of permissions assigned to a non-human user. The most common use is the Agilicus Agent Connector.
-
Usage Metrics
Platform usage metrics are available showing top-users and overall active counts.
-
Sign in With Apple
Sign in with Apple allows you to use resources through the Agilicus platform authenticated by an Apple ID.
-
Agilicus Launcher (Desktop)
Automatically mount a Share, launch a local application. With multi-factor authentication. Without a VPN. Automated rollout to all users.
-
Theory of Operation: CNAME + DOMAIN
Theory of operation: initial setup, choose a domain name, set the CNAME wildcard.
-
Sign in With Microsoft
Sign in with Microsoft to the Agilicus Platform. Ramificatiosn of Shared vs your own Azure Active Directory Application.
-
Microsoft ClickOnce
Deploy with Microsoft ClickOnce. Secure with Agilicus Zero Trust. Single-Sign-On, no VPN. Seamless end user experience.
-
Authentication Rules
Authentication rules allow providing conditional-access rulesets during the authentication process. IP range, device, multi-factor, etc.
-
Launchers
Integration of Resources with the Desktop is achieved through the Launcher. – Mount a Share – Open an SSH – Open a Desktop – Launch an executable
-
Resource Groups
Resource groups are a means of applying a common configuration across a set of resources (connectors, applications, shares, etc)
-
Zero-Trust Desktop Access
Simplify and secure your Desktop Access. Fine-grained authorisation per Desktop. Any user, from any identity provider. No public IP needed.
-
Command Line API Access
Your application also behaves as an API, used by a CLI or other non-browser-based application. Here you can see how to use via HTTP proxy or token.
-
Content Security Policy
Content-Security-Policy is a set of headers to protect your application from malicious content in objects, scripts, images, frames, etc.
-
Forwarding
Network Resources may be forwarded from site to site or user to site. This allows you to e.g. expose an ERP or database without a VPN.
-
Zero-Trust SSH Access
Simplify your SSH access with Zero Trust. Direct access to any internal server, cloud VPC or VLAN without changing firewall.
-
Services
A ‘service’ is a global resource (usually TCP) available from your domain of control to web applications running in the platform.
-
Application Request Access
Your organisation has a dynamic workforce, and a dynamic list of applications that they use to be efficient. A self-discovery, self-request workflow is more efficient than a command-and-control model.
-
Authentication Clients
The Authentication Clients implement OpenID Connect client id. This is an advanced setting, it is rarely required to configure. These are created automatically for each web application.
-
Identity & Authentication Methods
You can theme the authentication (sign-in) screen your users see. Learn how.