Agilicus AnyX

Create and operate your own customers under your Agilicus Organisation as a VAR or other supporting company.

You can now create an issuer for a suborganisation from a parent organisation. Doing so will bring up a new admin/profile endpoint for the suborganisation, at the suborganisation’s subdomain. E.g. admin.suborg.myorg.cloud.

Resource Labels are used to create hierarchy, grouping. Use them to create folders in Profile.

Agilicus Web Applications: any web page or API, any user, no VPN, full web-application-firewall authentication

An Authentication Issuer holds and confirms Identity. Configure your own custom ones here.

Agilicus AnyX Frequently Asked Questions. Configuration, Operation, Use..

The VNC Desktop feature allows browser-based use of remote graphical-oriented resources. This can include traditional operating systems like Windows, Linux, MacOS, but, also, includes embedded devices such as HMI.

Restrictive firewalls (e.g. Palo Alto SSL) may filter by SNI (hostname) in outbound direction and break Signup. See how to configure.

The Raspberry PI (with Raspbian) comes pre-installed with a VNC-like server. This can be configured to support standard authentication and used via Agilicus Any-X

Learn how to add an application to the Agilicus platform and connect to VTScada through a zero trust model

Administrative users are assigned via System Groups (sysgroups). These allow you to control who can make changes, to what objects.

Audit records are written for events ranging from authentication, authorisation, and API access. Configure how to receive these.

An Identity-Aware Web Application operates as a proxy, bringing identity, authentication, authorisation on behalf of web applications.

Create a customised Sign In With Google (for e.g. Workplace with auto-create users)

Authentication audit shows events related to user identity, each step, multi-factor, policies, locations, etc. E.g. ‘sign-in’ obtain id token.

An Authentication Issuer holds and confirms Identity. Configure your own custom ones here.

A service account is a specific subset of permissions assigned to a non-human user. The most common use is the Agilicus Agent Connector.

Platform usage metrics are available showing top-users and overall active counts.

Sign in with Apple allows you to use resources through the Agilicus platform authenticated by an Apple ID.

Automatically mount a Share, launch a local application. With multi-factor authentication. Without a VPN. Automated rollout to all users.

Theory of operation: initial setup, choose a domain name, set the CNAME wildcard.

Sign in with Microsoft to the Agilicus Platform. Ramificatiosn of Shared vs your own Azure Active Directory Application.

Deploy with Microsoft ClickOnce. Secure with Agilicus Zero Trust. Single-Sign-On, no VPN. Seamless end user experience.

Authentication rules allow providing conditional-access rulesets during the authentication process. IP range, device, multi-factor, etc.

Integration of Resources with the Desktop is achieved through the Launcher. – Mount a Share – Open an SSH – Open a Desktop – Launch an executable

Resource groups are a means of applying a common configuration across a set of resources (connectors, applications, shares, etc)

Simplify and secure your Desktop Access. Fine-grained authorisation per Desktop. Any user, from any identity provider. No public IP needed.

Your application also behaves as an API, used by a CLI or other non-browser-based application. Here you can see how to use via HTTP proxy or token.

Content-Security-Policy is a set of headers to protect your application from malicious content in objects, scripts, images, frames, etc.

Network Resources may be forwarded from site to site or user to site. This allows you to e.g. expose an ERP or database without a VPN.

Simplify your SSH access with Zero Trust. Direct access to any internal server, cloud VPC or VLAN without changing firewall.

A ‘service’ is a global resource (usually TCP) available from your domain of control to web applications running in the platform.

Your organisation has a dynamic workforce, and a dynamic list of applications that they use to be efficient. A self-discovery, self-request workflow is more efficient than a command-and-control model.

The Authentication Clients implement OpenID Connect client id. This is an advanced setting, it is rarely required to configure. These are created automatically for each web application.

You can theme the authentication (sign-in) screen your users see. Learn how.