Introduction
This article summarises all available installable LogonBox features for both the LogonBox SSPR and LogonBox VPN products.
The tables below organise each set of features by their main category, describe them, and note which features are installed by default and whether they can be removed from the product.
See the Hardening your LogonBox server's security article for notes on reducing your attack surface by removing features you are not using, which should be considered as best practice.
Feature List
Note: Items in green can be removed if you are not using the feature. Items in red are system-required features.
System Features
| Feature Name | Installed by default | Removable? | Description |
| Server Core | Yes | No | Core components of this server. |
| Local API Authentication | Yes | No | Local API authentication for virtual machine services. |
| Audit Reporting | Yes | No | Audit system and user events in real time with customisable filters and export to CSV. |
| Enhanced Security | Yes | No | Adds password policy and admin logon flow support |
| Branding | Yes | No | Customise the user interface with new logo or override CSS. |
| Callback Service | Yes | No | Callback Service |
| Multiple Tenancy | Yes | Yes | Adds support for operating multiple user databases on a single server. |
| OAuth2 Scopes | Yes | Yes | Support for OAUTH2 clients and scopes. |
| Profile Image Support | Yes | Yes | Adds ability to create a logo for any user, displayed wherever their username might be |
| HTML Publisher | No | Yes | Publishes any files found under conf/www in the root of the web server allowing you to publish static HTML pages. |
| High Availability | No | Yes | Adds support for High Availability deployments. |
| Performance and Health Monitor | No | Yes | Monitors various system and virtual machine statistics and generates performance and health data for graphical display or generation of threshold events, such as memory usage, CPU, disk, network and lots more. |
| Translate | No | Yes | Change any text within the application or translate. |
Identity
| Feature Name | Installed by default | Removable? | Description |
| Identity Manager | Yes | Yes, but this is required for the SSPR | Core components of the Hypersocket Identity Manager |
Self-Service
| Feature Name | Installed by default | Removable? | Description |
| Account Unlock | Yes | Yes | Enables users to unlock their account through a dedicated authentication flow. |
| Password Reset | Yes | Yes, but this is required for the SSPR |
Enables users to reset their password through a dedicated authentication flow. |
Directories
| Feature Name | Installed by default | Removable? | Description |
| Active Directory | Yes | Yes | Configure access for users from Active Directory. |
| HTTP | No | Yes | Configure access for users from an external HTTP directory. |
| MySQL Tables | No | Yes | Configure access for users from any MySQL Table. |
| LogonBox Directory | Yes (prior to new 2.4.16 builds) | Yes | Configure access for users from a LogonBox Directory. |
| AS400 | No | Yes | Configure access for users from AS400 systems. |
| MySQL Users | No | Yes | Configure access for MySQL users |
| Azure | Yes | Yes | Configure access for users from Azure Active Directory. |
| Yes | Yes | Configure access for users from Google Business. | |
| LDAP | Yes (prior to new 2.4.16 builds) | Yes | Configure access for users from LDAP. |
| SSH | Yes (prior to new 2.4.16 builds) | Yes | Configure access for users from external SSH servers. |
Automation
| Feature Name | Installed by default | Removable? | Description |
| HTTP Task | Yes | Yes | Execute HTTP requests in triggers or automations |
| Advanced Tasks | No | Yes | Adds some tasks for managing the system including Role assignment tasks and Certificate/PEM tasks. |
| Webhooks | Yes (prior to new 2.4.16 builds) | Yes | Receive input from external sources via HTTP Form, JSON or POST requests to generate events that can be used to trigger automation tasks. |
| XML Tasks | No | Yes | Import any XML and generate events to import tickets, users, or anything else that has tasks |
| Scripting Tasks | No | Yes | Adds support for executing Java and Javascript in tasks. Bind event parameters to script variables and return a result. |
| SSH Tasks | No | Yes | A set of tasks for performing operations over SSH. |
| CSV Tasks | Yes | Yes | Import from CSV |
Authentication
| Feature Name | Installed by default | Removable? | Description |
| Authentication Flow | Yes | No | Configure the authentication flows to support multi-factor authentication |
| Login Time Restrictions | Yes | Yes | Prevents users from logging in based on a weekly schedule. |
| LogonBox Authenticator | Yes | Yes | An authentication module for implementing 2-Factor authentication via the LogonBox Authenticator mobile app. Supports one-click authorization or require a Biometric response as part of your authentication flow. |
| Yubico Authentication | Yes | Yes | Authenticate with Yubico hardware keys. |
| PIN Authentication | Yes | Yes | Authenticate with a PIN number. |
| Captcha | Yes | Yes | Adds Google Captcha module for use in authentication flows. |
| RADIUS Authentication | Yes | Yes | Adds RADIUS authentication to your authentication flows. |
| IP Authentication | Yes | Yes | Support for restricting or blocking access from IP addresses in your authentication flows. |
| One-time Password Authentication | Yes | Yes | Adds a module to the authentication flow for authenticating using One-time Passwords via Email. |
| TOTP Authenticators | Yes | Yes | Authenticate using two step verification with Google, Microsoft or Authy Time-based One-time Password mobile or desktop apps. |
| Windows Desktop | Yes | Yes | Adds a customizable authentication flow for Windows Desktop logins and adds support for resetting a user's password or unlocking their account from the Windows login prompt. |
| Security Questions | No | Yes | Adds a module that enables a user to authenticate with a set of pre-defined security questions. |
| WebAuthn Authentication | No | Yes | Web Authentication (WebAuthn) is a web standard published by the World Wide Web Consortium (W3C). This extension allows you to authenticate with WebAuthn compatible Browser and Key. |
| Information Step | No | Yes | An authentication module that presents a step where detailed information can be presented to the user. |
| SAML Authentication | Yes | Yes | Adds support for authenticating to an external Identity provider using SAML 2.0. |
| Duo Authentication | Yes | Yes | Adds a module for performing Duo Security in any authentication flow. |
| No Login | No | Yes | An authentication module that presents a message informing the user that they cannot login to this system. |
Networking
| Feature Name | Installed by default | Removable? | Description |
| LogonBox VPN | Yes | No | LogonBox VPN feature |
| Wireguard Service | Yes | No | User interface and utilise for using the WireGuard VPN service on this platform. |
| Secure Node | No | Yes | Access network resources behind firewalls with zero-configuration at the remote site. |
Security
| Feature Name | Installed by default | Removable? | Description |
| Key Client | No | Yes | Delegates encryption to a Key Server so that data encrypted in the database is not stored on the same system as the encryption keys needed to decrypt it. |
| Key Server | No | Yes | Stores encryption keys and performs encryption on-demand for Key Clients. Ensures that data encrypted in the database is not stored on the same server as the keys needed to decrypt the data. |
| Lets Encrypt | Yes | Yes | Adds support for requesting Let's Encrypt SSL certificates. |
| HaveIBeenPwned | Yes | Yes | Add real-time checking of passwords as users change them against the HaveIBeenPwned password database. |
Passwords
| Feature Name | Installed by default | Removable? | Description |
| Password Server | No | Yes | Securely manage and share passwords with other users (deprecated) |
Servers
| Feature Name | Installed by default | Removable? | Description |
| JWT Server | No | Yes | Allow external applications to authenticate using this server's user database as an Identity Provider using JWT tokens. |
| SAML Server | No | Yes | Allow external applications to authenticate using this server's user database as an Identity Provider using SAML 2.0 |
Messaging
| Feature Name | Installed by default | Removable? | Description |
| Cloud Messaging | Yes | No | Adds support for sending alerts and notifications via the LogonBox Messaging Service. This cloud based service provides reliable and easy to configure SMS and Email messages, useful for one time passwords and other alters. |
| SMS Messaging | Yes | No | General support for SMS, adds infrastructure for other SMS providers |
| Twilio Messaging | Yes (prior to new 2.4.16 builds) | Yes | Message provider for the Twilio service |
| Amazon SNS Messaging | Yes | Yes | Message provider for the Amazon SNS service |
Reporting
| Feature Name | Installed by default | Removable? | Description |
| Syslog Support | Yes | Yes | Export events to a syslog server. |
Identity
| Feature Name | Installed by default | Removable? | Description |
| Create Account | Yes | Yes | Adds a button to the portal for users to request a new user account. |
Cloud
| Feature Name | Installed by default | Removable? | Description |
| Cloud Services | No | Yes | Services for running Hypersocket products in the cloud. |
