1. Installation setup

System requirements

Please check the following requirements before installing Visual Guard Identity Server.

Visual Guard 2024.0

  • OS: Windows Server 2012, 2016, 2019, 2022
  • Hard Drive: 512 GB to 1 TB – Fast drive recommended, ideally SSD
  • CPU:  4 core min – 3 Ghz or higher
  • RAM: 8 GB 
  • SQL Server for the Visual Guard Repository (SQLServe standard edition or higher), or Oracle for the Visual Guard Repository (Oracle Driver installation required, version Oracle9i or higher).
  • .Net Core 6.0
  • .Net Core hosting bundle 6.0.You can download the hosting bundle (dotnet-hosting-6.0) from the official Microsoft website. (https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/runtime-aspnetcore-6.0.26-windows-hosting-bundle-installer)
  • IIS should be installed (Select checkboxes shown below)
  • Install the VGIdentityServerSetup. [Link available in the table above]
  1. Doing so, will create a ‘VisualGuardIdentityServer’ website.
  2. It will also create an application pool ‘AspNetCore’ ‘with – .Net CLR Version – “No Managed Code”.
    (If not created, please create it manually)
  • Check the list of websites, select ‘VisualGuardIdentityServer’.
    Go to ‘Advanced Settings’, and select application pool – ‘AspNetCore’.
  • Check ‘permissions’, and assign full permissions to ‘IIS_IUSRS’.
  • Check the application root path.
    Select ‘web.config’ , please make sure it contains the following values:
<aspNetCore processPath="dotnet" arguments=".\Novalys.VisualGuard.Tools.VGIdentityServer.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdosut">
<environmentVariables />
</aspNetCore>

Private mode Communication

  • Windows Server 2022 Build 20348 or later.

Installation Steps

Step 1: Download Visual Guard Identity Server setup and follow the installation wizard


Step 2: Enter the required information, Site, Application pool and click Next


Step 3: Installation process will begin


Step 4: Once installation is complete, you will be notified with a message confirming the successful setup. Please click “Close” to exit the setup.


1.1 How to migrate from VGServer ?

The VGServer has been replace by Visual-Guard Identity Server.

VG Identity Server works with the bearer Token, the VGToken, which is contained inside of the claims.

We need to authenticate from VG Identity Server

The API has been updated.
Please refer to the following list to find out how to update the API:

  • /Security/Principal/GetIdentity replace by /api/Principal/GetIdentity
  • /Security/GetRoles replace by /api/Principal/GetCurrentRoles
  • /Security/IsInRoleByName/ replace by /api/Principal/IsInRoleByName
  • /Security/HasPermissionByName/ replace by /Security/HasPermissionById/
  • /Security/GetPermissions replace by /api/Principal/GetCurrentPermissions

2. Repository configuration

Step 1: The Visual Guard identity server needs a connection to the VGRepository


Step 2: Select your repository type (SQL Server or Oracle) from the dropdown and click on Next


Step 3: Set the information of your repository as required and click on “Test Connection” to test the connection to the repository.

Once your connection is valid you will receive a connection successful message, click Ok and then Next.


Step 4: Set your VG identity server Url to configure successfully


Step 5: Once the configuration is successful you can click on Finish and you can start using the repository


3. Authentication

In Visual Guard, “Authentication” is the process of verifying the identity of a user or entity attempting to access a system or application. Visual Guard supports various types of authentication methods, each offering different levels of security and user experience:

  1. Visual Guard: Users authenticate using Visual Guard’s built-in login system, where they provide a username and password combination verified against Visual Guard’s user database. This method offers a standard authentication approach managed within the Visual Guard framework.
  2. Windows Authentication by Credential: Users authenticate through their Windows credentials, leveraging the security infrastructure of the Windows operating system. Visual Guard integrates with Windows authentication to validate user identities, providing seamless access to applications based on Windows credentials.
  3. Multi-Factor Authentication (MFA): Visual Guard supports Multi-Factor Authentication (MFA), requiring users to provide additional verification beyond a username and password. This could include receiving a one-time password (secure code) or magic link via SMS or email. MFA enhances security by adding an extra layer of protection against unauthorized access, even if login credentials are compromised.
  4. Passwordless:Passwordless login is a method of authentication that allows users to access a system or application without requiring a traditional password. Instead of entering a password, users are authenticated through alternative methods such as magic link or SMS verification. In Visual Guard, passwordless login enhances security and user experience by providing convenient and secure authentication options that eliminate the need for users to remember and manage passwords.

These authentication methods cater to different security requirements and user preferences, allowing Visual Guard to provide a flexible and robust authentication framework for securing applications and systems.

Click on any of the below authentication types to know steps of login

3.1 Visual-Guard User

Users authenticate using Visual Guard’s built-in login system, where they provide a username and password combination verified against Visual Guard’s user database. This method offers a standard authentication approach managed within the Visual Guard framework.

Shown below is a demo application secured by VisualGuard Identity Server.

Step 1: User tries to access the demo application, by clicking on ‘Secure using Universal Login‘.


Step 2: Since the user is not authenticated user, he/she will be redirected to the Identity server login page automatically.

Click on the drop down under Authentication and choose VisualGuard and enter the Username and Password, click sign In


Step 3: Once the user is authenticated and authorized successfully, he/she will be redirected back to the demo application.


3.2 Windows by Credential

Users authenticate through their Windows credentials, leveraging the security infrastructure of the Windows operating system. Visual Guard integrates with Windows authentication to validate user identities, providing seamless access to applications based on Windows credentials.

Shown below is a demo application secured by VisualGuard Identity Server

Step 1: User tries to access the demo application, by clicking on ‘Secure using Universal Login‘.


Step 2: Since the user is not authenticated user, he/she will be redirected to the Identity server login page automatically

Click on the drop down under Authentication and choose WindowsbyCredential and enter the Username (Domain\username) and Password


Step 3: Once the user is authenticated and authorized successfully, he/she will be redirected back to the demo application.


3.3 Multifactor Authentication (MFA)

Visual Guard supports Multi-Factor Authentication (MFA) on top of the existing authentication methods, requiring users to provide additional verification beyond a username and password. This could include receiving a one-time password (secure code) or magic link via SMS or email. MFA enhances security by adding an extra layer of protection against unauthorized access, even if login credentials are compromised.

Shown below is a demo application secured by VisualGuard Identity Server.

Step 1: User tries to access the demo application, by clicking on ‘Secure using Universal Login’.


Step 2: Since the user is not authenticated user, he/she will be redirected to the Identity server login page automatically

Click on the drop down under Authentication and choose your prefered authentication types i.e VisualGuard or WindowsbyCredential etc, then enter the Username and Password, Click sign In


Step 3: Once you login, the MFA authentication window will show up, which will ask you the options if you would like to have the link or OTP to be sent via email or SMS, after selecting the option click on OK.


Step 4: Once you choose the option, an OTP or link will be sent to your registered email ID or phone number, enter the OTP received and click on Sign In


Step 5: Once the user is authenticated and authorized successfully, he/she will be redirected back to the demo application.


3.4 Passwordless

Passwordless login is a method of authentication that allows users to access a system or application without requiring a traditional password. Instead of entering a password, users are authenticated through alternative methods such as magic link or SMS verification. In Visual Guard, passwordless login enhances security and user experience by providing convenient and secure authentication options that eliminate the need for users to remember and manage passwords.

Shown below is a demo application secured by VisualGuard Identity Server.

Step 1: User tries to access the demo application, by clicking on ‘Secure using Universal Login‘.


Step 2: Since the user is not authenticated user, he/she will be redirected to the Identity server login page automatically.

Click on the drop down under Authentication and choose Passwordless and enter the Username, click sign In


Step 3: You will be asked to authenticate yourself through the magice link or SMS by the registered details. Click Ok once you select the option


Step 4: Once the user is authenticated and authorized successfully, he/she will be redirected back to the demo application.


4. Multifactor Authentication (MFA) Enrollment

In Visual Guard, MFA enrollment within the identity server framework enhances security by requiring users to provide multiple forms of verification before access is granted. This process involves users setting up additional authentication methods through the Visual Guard Magic link beyond their standard login credentials. Visual Guard’s approach streamlines the setup and management of these extra security layers, ensuring robust protection of sensitive information and systems against unauthorized access, all while maintaining a user-friendly enrollment experience. The member would receive an SMS or link through thier email or phone to get authenticated.

Below are the steps to enroll the MFA

Step1: Login the to the identity serve with your credentials and sign in.


Step 2: Please select the verification method you prefer to select first


Step 3: Register your email ID for the verification


Step 4: Once your email ID is registered, you will receive an email with a verification code to authenticate the email ID


Step 5: Once your email ID is verified, you will receive a enrollment successful message. You may go back to the application or choose to enroll your mobile number as well as a authentication factor.


Step 6: To enroll your mobile number you can enter your number and click and send SMS


Step 7: Once you register you mobile number, a secure code will be sent via SMS to authenticate the number


Step 8: Once the mobile number is verified you will receive a authentication successful message


Step 9: Once you have enrolled yourself you may go back to the application and login.

This image has an empty alt attribute; its file name is image-18-1024x500.png


5. Dashboard

A dashboard is a graphical user interface that provides users with a consolidated view of key information and data relevant to VisualGuard Identity Server, by providing easy access.

  • User Interface: The user interface (UI) in Visual Guard refers to the graphical interface which allows to customize the user interface by managing company logos and landing page text.
  • Identity Server: Configuring a server in an Identity Server involves setting up and customizing the server’s operational parameters that dictate how the identity server operates and interacts with other components to manage authentication, authorization, and user management services effectively within an IT ecosystem
  • Client Configuration: Configuring a client in Identity Server involves registering the client and its type with the authorization server, obtaining client credentials, specifying authorization grant types and redirect URIs, and understanding the token endpoint and scope. These configurations ensure secure and proper interaction between the client and the Identity server while protecting user data and resources.
  • Restart Identity Server: By clicking on this icon the identity server will restart

The dashboard allows administrators to monitor the health and performance of the identity server, track user authentication and authorization trends, and access important configuration settings and management tools to ensure smooth operation and security compliance.

Click on the below icons to know further about each of the functionalities.

6. Client Configuration

Client configuration in Visual Guard involves setting up and configuring the Visual Guard Client component, which is responsible for enforcing security policies and managing user authentication and authorization within client applications. This configuration typically includes specifying the Visual Guard server endpoint, defining authentication methods, configuring access control rules, and integrating client applications with Visual Guard’s security framework. Client configuration ensures that client applications can securely authenticate users, enforce access controls, and interact with the Visual Guard server to manage user identities and permissions effectively.

Step 1: Select the Client from the dropdown


Step 2: Select the Client’s platform type as well from the dropdown and click on Generate Client Configuration


Sample data from the generation of the client configuration.


7. Settings

Settings refer to configurable options and parameters that govern the behavior, functionality, and security of the identity server. These settings allow administrators to customize various aspects of the identity server to align with organizational requirements and security policies. They may include options related to authentication methods, user registration, password policies, token issuance, logging and auditing, integration with external systems, and more. Configuring settings in Visual Guard Identity Server ensures that the identity server operates effectively, securely, and in accordance with organizational needs, providing a centralized and robust platform for managing authentication and authorization across applications and systems.

Below are the different settings available under Identity Server.

7.1 User Interface

The user interface (UI) in Visual Guard refers to the graphical interface that users interact with to manage company logos and landing page text.

1. Customize logo

If you want to customize the logo, you can easily customize it as shown below.

Steps:

  • Login to the Visual-guard Identity Server
  • You can go to the settings -> UserInterface Page.
  • Goto the ‘Company Logo’ tab.
  • Specify the logo.

2. Change the website text

If you want to customize the login page for specific application, you can use some pre-defined visual-guard variables as shown below.

Pre-defined Visual-guard variables

  • [ApplicationId] – Gets the application Id.
  • [ApplicationName] – Gets the application Name
  • [ApplicationDescription]- Gets the application Description

Steps:

  • Login to the Visual-guard Identity Server with master admin rights
  • You can go to the settings -> UserInterface Page.
  • Goto the WebSite Text tab.
  • Provide the text to be displayed along with the pre-defined variables as shown below.

Result:

After applying the changes, when login form will be displayed, it will contain the application name and application id information via pre-defined variables as shown below.


7.2 Configure Server

Configuring a server in an Identity Server involves setting up and customizing the server’s operational parameters that dictate how the identity server operates and interacts with other components to manage authentication, authorization, and user management services effectively within an IT ecosystem.

Configuring an Identity Server is a critical task that requires a deep understanding of both the technical aspects of the Identity Server software and the security requirements of the organization. Proper configuration ensures that the Identity Server can provide secure, reliable, and efficient identity services across the organization’s applications and systems.

You can edit the Identity Server parameters.

  1. Primary Information: You can provide the basic information of your Identity Server

2. Edit Signing Certificate: You can manage the signing certificate and click on Validate Certificate below when you update the certificate


3. Is Clustered: You can configure whether identity server is clustered or not, you need to provide the Issuer Uri for the clustered Uri


4. Allow auto restart when required: You can choose if you want the server to restart automatically and you can also set up the time to check at every x minutes for the restart


5. Is Grpc Private Service Enabled: You can choose if you want to enable Grpc, if yes then you need to provide the Grpc port and whether the Grpc web is enabled or not as it makes the private service compatible with http 1.1.


6. Authentication Preferences: You can provide the default domain for windows authentication on IdentitySever, the authentication mode and whether the windows authentication and automatic windows aunthentication is enabled or not


7. Other Information: You can choose if the you want to overwrite Identity Server once it is deployed


8. Click on Switch Configuration if you want to select another identity server configuration, Click on Save button, when you want your changes to be saved, and make sure to restart Identity Server to reflect your new changes.You can restart the Identity Server by clicking on Restart button


7.2.1 Switch Identity Server

Selecting or switching the Identity Server configuration involves choosing or changing the operational settings and parameters of an Identity Server to match specific requirements or to transition between different environments (e.g., development, testing, production). It enables administrators to manage multiple configurations efficiently and switch between them as needed to support various operational scenarios or to update security measures without disrupting service.

Click on Switch Configuration to change your Identity Server, Select the server name from the drop down and click on Next.

Once you click on the Next button and you will get edit page incase you wan to update on settings, then click on the Save button, when you want your changes to be saved, and make sure to restart Identity Server to reflect your new hanges.You can restart the Identity Server by clicking on Restart button

7.2.2 New Identity Server

Process of setting up a new instance of an Identity Server,

Step 1: Provide Primary information like server name and description


Step 2: Edit Signing Certificate

You can manage the signing certificate and click on Validate Certificate below when you update the certificate


Step 3: Is Clustered

You can configure whether identity server is clustered or not, you need to provide the Issuer Uri for the clustered Uri


Step 4: Allow auto restart when required

You can choose if you want the server to restart automatically and you can also set up the time to check at every x minutes for the restart


Step 5: Is Grpc Private Service Enabled

You can choose if you want to enable Grpc, if yes then you need to provide the Grpc port and whether the Grpc web is enabled or not as it makes the private service compatible with http 1.1.


Step 6: Authentication Preferences

You can provide the default domain for windows authentication on IdentitySever, the authentication mode and whether the windows authentication and automatic windows aunthentication is enabled or not


Step 7: Other Information

You can choose if the you want to overwrite Identity Server once it is deployed


Step 8: Click on Save button, when you want your changes to be saved, and make sure to restart Identity Server to reflect your new changes.You can restart the Identity Server by clicking on Restart button


7.3 Local Settings

Here, you can configure Visual Guard’s Identity Server Url, which will be used for internal communication.

VGIdentityServer makes internal calls to perform operations such as authentication, session management, and loading of authorizations. Configuring this url ensures that these calls are correctly routed within the network infrastructure.

Configuring the Internal DNS for VGIdentityServer

To ensure optimal configuration of VGIdentityServer, follow the steps below in the “Local Settings” section:

  1. Access Local Settings: In the VGIdentityServer administration interface, navigate to the “Local Settings” submenu. This section contains various configuration settings that influence the operation of the identity server.
  2. Set the Internal DNS: Look for the field dedicated to configuring the internal DNS. This field should be filled with the Fully Qualified Domain Name (FQDN) or internal IP address of the VGIdentityServer, followed by the port used for internal communications. For example: internaldns.example.com:port or 192.168.1.1:port.
  3. Save Changes: After entering the internal DNS and port, make sure to save your changes. This action refreshes the VGIdentityServer configuration and applies the new settings.

8. Advanced Settings

You can configure some properties manually.

inside of the appSettings.json, you can configure the Level of trace, etc…

You can check the Server URL here.

8.1 How to activate Tracing and Logging?

Tracing refers to the systematic recording of events, operations, and processes within the VG system. This functionality is crucial for debugging, monitoring system performance, auditing security processes, and ensuring compliance with regulatory standards. Tracing in VG captures detailed information about the system’s behavior, including authentication attempts, authorization checks, and other security-related events.

Purpose of Tracing in Identity Server

  1. Debugging and Troubleshooting: Helps identify and resolve issues within VG by providing a detailed log of events leading up to an error or malfunction.
  2. Security Auditing: Records security-related events, such as login attempts, access control decisions, and changes to security policies, which is essential for detecting potential breaches and unauthorized access attempts.
  3. Performance Monitoring: Tracks the performance of VG operations, allowing administrators to identify and address bottlenecks or inefficiencies in the system.
  4. Compliance and Reporting: Supports compliance with legal and regulatory requirements by logging access and changes to sensitive data, demonstrating that appropriate security controls are in place.

To enable different levels of tracing, choose the appropriate options in the appsettings.json file (visual reference provided below).


VGIdentityServerConfiguration.TraceLevel

This property specifies the minimum level to log for Visual Guard Identity Server activities.
It has following options available.

  • Off = 0, //Output no tracing and debugging messages.
  • Error = 1, //Output error-handling messages.
  • Warning = 2, //Output warnings and error-handling messages.
  • Info = 3, //Output informational messages, warnings, and error-handling messages.
  • Verbose = 4 //Output all debugging and tracing messages.

Logging

The Logging property can have LogLevel and log provider properties. The LogLevel specifies the minimum level to log for selected categories. In the screenshot, Information and Warning log levels are specified. LogLevel indicates the severity of the log and ranges from 0 to 6:

  • Trace = 0
  • Debug = 1
  • Information = 2
  • Warning = 3
  • Error = 4
  • Critical = 5
  • None = 6.

The “Default” and “Microsoft” categories are specified.
The “Microsoft” category applies to all categories that start with “Microsoft”.
The “Microsoft” category logs at log level Warning and higher.

A specific log provider is not specified, so LogLevel applies to all the enabled logging providers except for the Windows EventLog.


Check Logs and Traces

You can check the logs and traces files as shown below.


8.2 How to set up Windows Authentication?

Visual Guard offers two modes of Windows authentication:
Windows SSO (Single Sign On) and Mix-Mode Authentication (Windows + another type of authentication).

Requirement

    • The VG Identity Server needs to be installed on a Windows Server

    • The Windows Server needs to be in the domain

    • The Windows Server needs to have IIS

Activate Windows Authentication in the VG Repository

First, you need to check if Windows is activated in the repository

    • Open VG WinConsole

    • Select and open your VGRepository

  • In the VGRepository settings, check that Windows Authentication is enabled in the supported authentication modes section.
Active Windows authentication


Activate Windows Authentication in VG Identity Server

IIS needs to have Windows Authentification activated

    • Select VG Identity Server app

    • Go to authentication module

    • Enable Anonymous and Windows authentification

Activate Anonymous and Windows authentification


Which Windows authentication mode should be selected?

Visual Guard offers two modes of Windows Authentication:

The first mode is Mixed Mode authentication that allows you to authenticate users with their Windows and another type of authentification

The second one is Windows SSO (Single Sign On), the user don’t need to do any things, Visual Guard authenticate the user directly without any action.


How to configure for the Mixed Mode Authentication?

To activate this mode, you need to open the VG Identity Server folder:

    • Open appsettings.json file for VisualGuard Identity Server

    • Set IsWindowsAuthenticationEnabled = true

    • Set IsAutomaticWindowsAuthenticationEnabled = false

    • Save the file and restart the VGIdentityServer

Sample

{
  "VGIdentityServerConfiguration": {
    "ServerId": "a31a70b4-9a09-445e-82c9-c6262eaa58f5",
    "WebUserInterfaceId": "03d1acad-61bf-4b62-82f4-3fe5eb0bb554",
    "IsWindowsAuthenticationEnabled": true,
    "IsAutomaticWindowsAuthenticationEnabled": false,
    "TraceLevel": "Verbose",
    "ServerUrl": "http://localhost:5000",
    "UseDefaultIdentityServerWhenServerIdEmpty": false,
    "CheckIfRestartRequiredAtEveryMinutes": "1",
    "AllowAutoRestart": "true"
  }  
}

VG Identity Server Sample login form

Mixed mode authentification user view

Windows Authentification


How to configure Windows SSO?

The Windows SSO (Single Sign-On) allows to authenticate users without any action on their part.

To activate this mode, you need to open the VG Identity Server folder.

    • Open appsettings.json file for VisualGuard Identity Server

    • Set IsWindowsAuthenticationEnabled = true

    • Set IsAutomaticWindowsAuthenticationEnabled = true

    • Save the file and restart the VGIdentityServer.

Sample code

{
  "VGIdentityServerConfiguration": {
    "ServerId": "a31a70b4-9a09-445e-82c9-c6262eaa58f5",
    "WebUserInterfaceId": "03d1acad-61bf-4b62-82f4-3fe5eb0bb554",
    "IsWindowsAuthenticationEnabled": true,
    "IsAutomaticWindowsAuthenticationEnabled": true,
    "TraceLevel": "Verbose",
    "ServerUrl": "http://localhost:5000",
    "UseDefaultIdentityServerWhenServerIdEmpty": false,
    "CheckIfRestartRequiredAtEveryMinutes": "1",
    "AllowAutoRestart": "true"
  }
}

From now on, when a user accesses the page, he will be automatically authenticated with his Windows account, without displaying a login screen.

8.3 How to activate new private communication ?

8.4 How to deactivate Windows SSO ?

VGIdentityServer Feature Guide: Configurable Windows SSO Authentication

This guide provides detailed instructions on how to utilize specific settings for automatic Windows SSO authentication in VGIdentityServer. These settings allow developers to choose between automatic Windows authentication and manual authentication.

Server Configuration Example:


Server URL: https://vgidentityserver.mycompany.local


IdentityServer Settings:

Windows Authentication Enabled: true
Automatic Windows Authentication Enabled: true



Accessing the Identity Server UI:

Using Current Windows Account (AutoWindowsSSO)

URL: https://vgidentityserver.mycompany.local/Account/Login

  • If the current Windows account user has the necessary rights, the system will automatically sign you in.
  • If the user lacks the required rights, you’ll be redirected to the login page with a “not authorized to login” message. Here, you can log in using different credentials.

Without Using Current Windows Account (Manual Authentication)

  • URL with parameter: https://vgidentityserver.mycompany.local/Account/Login?autowindowssso=false
  • The system will prompt you for credentials to authenticate.

Requesting Tokens or Authorization Codes via Browser (AutoWindowsSSO)

  • Example URL: https://vgidentityserver.mycompany.local/connect/authorize?response_type=code&client_id=172b5450-6954-4bf5-982f-9af688f1aa58_WebApp
    • &redirect_uri=http://localhost:5002/signin-oidc&scope=openid+profile+VGActivityDate+VGApplications+VGDeveloper+VGIsApproved+VGIsLocked+
    • VGPermissions+VGProfile+VGRoles+VGToken+offline_access+IdentityServerApi
  • If the current Windows account user has rights, a code will be provided in the response.
  • Without the necessary rights, you’ll be redirected to the login page with a “not authorized to login” message.


Requesting Tokens or Authorization Codes Without Current Windows Account

  • URL with parameter:
  • https://vgidentityserver.mycompany.local/connect/authorize?autowindowssso=false&response_type=code&client_id=172b5450-6954-4bf5-982f-9af688f1aa58_WebApp&redirect_uri=http://localhost:5002/signinoidc
    • &scope=openid+profile+VGActivityDate+VGApplications+VGDeveloper+VGIsApproved+VGIsLocked+
    • VGPermissions+VGProfile+VGRoles+VGToken+offline_access+IdentityServerApi
  • The system will prompt you for credentials to authenticate.

9. Archive

Welcome to the Visual-Guard Archive section. This part of our documentation is dedicated to providing easy and organized access to previous versions of Visual-Guard, allowing users and developers to find information, guides, and references for past versions of our product.

Why an Archive?

As Visual-Guard continues to evolve, maintaining a record of previous versions is crucial for several reasons:

  • Historical Support: Enables users to consult the documentation of previous versions to solve specific issues or understand the evolution of the product.
  • Migration Assistance: Aids users in the migration process by providing detailed information on the differences and enhancements between versions.
  • Compatibility: Ensures that users working on existing projects can access relevant information for their version of Visual-Guard.

How to Use the Archive

The Archive is organized by version, with each section dedicated to a specific version of Visual-Guard. Below are links to the archived versions:

Visual-Guard 2020.X

This section contains all documentation related to Visual-Guard 2020, including user guides, release notes, and API references.

Previous Versions

For versions prior to Visual-Guard 2020, please click here.

Upgrading to VG 2024

If you’re ready to migrate to the latest version, VG 2024, check out our migration guide for a smooth transition. Our latest version offers significant improvements in performance, security, and features.

9.1 VG2020.X

Welcome to the Visual-Guard 2020 Archive. This section is dedicated to preserving the comprehensive documentation, guides, and reference materials for Visual-Guard version 2020.3. As you navigate through this archive, you will find valuable resources designed to support users and developers who continue to work with or maintain systems using this specific version of Visual-Guard.

Features and Documentation

Visual-Guard 2020 introduced a range of features and improvements that have been foundational to subsequent versions. In this archive, you can explore:

  • User Guides: Detailed instructions on how to utilize the features introduced in VG 2020, ensuring you can make the most out of your existing projects.
  • Release Notes: A chronological list of updates, bug fixes, and enhancements made throughout the lifecycle of VG 2020.
  • API References: Comprehensive documentation of the APIs available in VG 2020, providing essential information for developers integrating Visual-Guard into their applications.

Support and Resources

While VG 2020 is no longer the latest version, we understand the importance of supporting our users through transition periods and beyond. If you’re working on migrating to VG 2024 or need assistance with VG 2020, the following resources are available:

  • Migration Guide: Step-by-step instructions to help you transition from VG 2020 to VG 2024 smoothly and efficiently.
  • Technical Support: Our dedicated support team is available to assist with any questions or issues you may encounter with VG 2020.

Moving Forward

We encourage users of VG 2020 to consider upgrading to Visual-Guard 2024 to take advantage of the latest features, security enhancements, and performance improvements. Visit our Upgrade Guide for more information on making the transition.

Thank you for your continued support and commitment to Visual-Guard. We’re here to assist you in every step of your journey with our product.

9.1.1 Installation setup

System requirements

Please check the following requirements before installing Visual Guard Identity Server.

Visual Guard 2020.2

  • OS: Windows Server 2012, 2016, 2019, 2022
  • Hard Drive: 512 GB to 1 TB – Fast drive recommended, ideally SSD
  • CPU:  4 core min – 3 Ghz or higher
  • RAM: 8 GB 
  • SQL Server for the VG Repository : Standard Edition or higher
  • .Net Core 2.1
  • .Net Core hosting bundle 2.1

Private mode Communication

  • Windows Server 2022 Build 20348 or later.

Installation

Download Visual Guard Identity Server setup and follow the installation wizard.

9.1.2 Using an existing configuration

You can reuse an existing configuration

Click on the button “Configure Identity Server”
Select one identity Server configuration need to be use
We need to restart Identity Server to apply the new configuration
Waiting the restart of Identity Server
The Visual-Guard Identity server is ready to use

9.1.3 Configuring VG Identity Server Instance

Configure a new Visual-Guard Identity Server instance

  • Note : this requires a certificate

Select “re-use a existing configuration” or “create a new configuration”

The certificate validity is verified.

  • Identity server name: name of the server
  • Description : enter a description for this new configuration
  • Select a certificate (Certificate with private key required)
  • Check this box to overwrite the configuration when deploying it in another repository
We need to restart the server to apply this new configuration
Waiting for the Server to restart
The Visual Guard Identity Server is now ready to use

9.1.4 Repository configuration

The Visual Guard identity server needs a connection to the VGRepository


Configuration of the Visual Guard repository
Select your repository type (SQL Server or Oracle)
Set the information of your repository
Test your connection to the Visual Guard Repository
The connection to the VG Repository is successful.
Save the configuration of the VGRepository

Configure Visual Guard Identity Server