Using the Desktop Client and Mobile Authenticator app
BlastShield™ Remote User access is highly secure and convenient. In just a few simple steps your remote users are quickly authenticated and connected to the BlastShield™ network of their choice. Remote users can use the BlastShield™ Mobile Authenticator app on their mobile device and the BlastShield™ Desktop App to quickly access the network. The high level workflow is explained below.
In the Desktop Client, chose the Mobile App authentication method.
Scan the displayed QR code using the Mobile Authenticator app on your mobile device.
Select the network and perform a biometic check in the Mobile Authenticator app
BlastShield™ Client
The BlastShield™ Client is a downloadable software client available for Windows, MacOS, Linux, Apple iOS and Android which allows a user to authenticate and connect to a BlastShield™ network.
The BlastShield™ Client works with the BlastShield™ Mobile Authenticator app to perform the QR code challenge used in the multi-factor authentication process when connecting to BlastShield™. The Client encrypts all packets sent out on the BlastShield™ network and decrypts incoming packets. Along with the Orchestrator and the Mobile Authenticator, the Client is involved in the exchange and management of key information used in the authentication and securing of users and sessions on the BlastShield™ network.
 |
The Client provides information on the current network connection, including the status of currently connected peers and the connection time. The Client has a log viewer and has controls for connecting and disconnecting to and from the BlastShield™ network and the Orchestrator.
BlastShield™ Mobile Authenticator app
The BlastShield™ Mobile Authenticator is a free downloadable software Multi Factor Authenticator App available from the Google Play Store and the Apple App Store. Users must use the BlastShield™ Mobile Authenticator app to authenicate with the BlastShield network.
The BlastShield™ Mobile Authenticator app works with the BlastShield™ Client to perform the QR code challenge used in the multi-factor authentication process when connecting to BlastShield™. Along with the Orchestrator and the BlastShield Client, the Authenticator app is involved in the exchange and management of key information used in the authentication and securing of users and sessions on the BlastShield™ network.
The Mobile Authenticator app performs a biometric check of the user (fingerprint or face id) as part of the authentication process when a user connects to the BlastShield network.
 |
Allow outbound access to the following domains. Whitelist these on your firewall as necessary or if you use an SSL web proxy then bypass them from the proxy:
auth.blastwave.ioandlighthouse.blastwave.ioon TCP port 443.Outbound UDP ports to all required destinations.
Resolution of DNS requests must be supported by the network.
If you use DNS over HTTPS, ensure it is configured in your OS and not in your browser to allow the BlastShield Client to use its associated DNS server.
Ensure that the timezone is correctly set on your computer for your location and that the clock is set accurately.
Orchestrator access requires IPv6 support in the OS of the host running the desktop client, so make sure there is no Windows group policy disabling IPv6 in the registry.