{"id":20171,"date":"2024-08-21T15:41:40","date_gmt":"2024-08-21T08:41:40","guid":{"rendered":"https:\/\/thegioifirewall.com\/?p=20131"},"modified":"2025-03-24T07:27:22","modified_gmt":"2025-03-24T07:27:22","slug":"huong-dan-cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-su-dung-stas-de-quan-ly-users-va-group-chan-web-va-app-trong-domain-2","status":"publish","type":"post","link":"https:\/\/vacif.com\/en\/huong-dan-cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-su-dung-stas-de-quan-ly-users-va-group-chan-web-va-app-trong-domain-2\/","title":{"rendered":"H\u01b0\u1edbng d\u1eabn c\u1ea5u h\u00ecnh x\u00e1c th\u1ef1c user domain gi\u1eefa sophos XGS v\u00e0 AD server s\u1eed d\u1ee5ng STAS \u0111\u1ec3 qu\u1ea3n l\u00fd users v\u00e0 group ch\u1eb7n web v\u00e0 app trong domain"},"content":{"rendered":"\n<p>B\u00e0i vi\u1ebft h\u01b0\u1edbng d\u1eabn c\u00e1ch c\u1ea5u h\u00ecnh STAS \u0111\u1ec3 qu\u1ea3n l\u00fd users v\u00e0 group truy c\u1eadp web v\u00e0 app trong domain, \u0111\u00e2y l\u00e0 t\u00ednh n\u0103ng cung c\u1ea5p kh\u1ea3 n\u0103ng x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng trong m\u1ea1ng n\u1ed9i b\u1ed9 m\u1ed9t c\u00e1ch t\u1ef1 \u0111\u1ed9ng ch\u1ec9 c\u1ea7n \u0111\u0103ng nh\u1eadp tr\u00ean m\u00e1y tr\u1ea1m c\u1ee7a ng\u01b0\u1eddi d\u00f9ng. V\u00e0 c\u0169ng kh\u00f4ng c\u1ea7n ph\u1ea3i c\u00e0i \u0111\u1eb7t SSO \u1edf tr\u00ean m\u1ed7i m\u00e1y tr\u1ea1m. D\u1ec5 d\u00e0ng s\u1eed d\u1ee5ng cho end user v\u00e0 m\u1ee9c \u0111\u1ed9 b\u1ea3o m\u1eadt cao h\u01a1n<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-0.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>Chi ti\u1ebft s\u01a1 \u0111\u1ed3 m\u1ea1ng<\/strong><\/p>\n\n\n\n<p>AD server c\u00f3 \u0111\u1ecba ch\u1ec9 IP 10.0.0.12\/24<\/p>\n\n\n\n<p>C\u00e1c m\u00e1y tr\u1ea1m trong m\u1ea1ng \u0111\u01b0\u1ee3c c\u1ea5p IP \u0111\u1ed9ng v\u1edbi l\u1edbp m\u1ea1ng 172.17.17.0\/24<\/p>\n\n\n\n<p>Gateway c\u1ee7a c\u00e1c m\u00e1y tr\u1ea1m l\u00e0 thi\u1ebft b\u1ecb Sophos XGS c\u00f3 IP l\u00e0 172.17.17.1\/24<\/p>\n\n\n\n<p><strong>T\u00ecnh hu\u1ed1ng c\u1ea5u h\u00ecnh<\/strong><\/p>\n\n\n\n<p>B\u00e0i vi\u1ebft s\u1ebd th\u1ef1c hi\u1ec7n c\u1ea5u h\u00ecnh STAS tr\u00ean thi\u1ebft b\u1ecb Sophos firewall v\u00e0 AD server \u0111\u1ec3 m\u00e1y tr\u1ea1m c\u1ee7a ng\u01b0\u1eddi d\u00f9ng trong m\u00f4i tr\u01b0\u1eddng domain ch\u1ec9 c\u1ea7n \u0111\u0103ng nh\u1eadp username v\u00e0 password l\u00e0 c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c c\u1ea3 tr\u00ean Sophos firewall. T\u00e0i kho\u1ea3n username v\u00e0 password \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed3ng b\u1ed9 ho\u00e1 gi\u1eefa AD server v\u00e0 Sophos firewall. \u0110\u1ed3ng th\u1eddi t\u1ea1o rule \u0111\u1ec3 ch\u1eb7n truy c\u1eadp web v\u00e0 app cho c\u00e1c users v\u00e0 group.<\/p>\n\n\n\n<p>\u0110\u1ed3ng th\u1eddi s\u1eed d\u1ee5ng firewall rule v\u1edbi source identity l\u00e0 group v\u00e0 user v\u00e0 web policy \u0111\u1ec3 ki\u1ec3m tra ho\u1ea1t \u0111\u1ed9ng m\u1ea1ng c\u1ee7a ng\u01b0\u1eddi d\u00f9ng domain, show c\u00e1c th\u00f4ng tin v\u1ec1 group, user tr\u00ean c\u00e1c giao di\u1ec7n report, monitoring, logging<\/p>\n\n\n\n<p><strong>C\u00e1c b\u01b0\u1edbc c\u1ea5u h\u00ecnh<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>C\u1ea5u h\u00ecnh ADS&nbsp;<\/li>\n\n\n\n<li>Download STAS tr\u00ean AD&nbsp;<\/li>\n\n\n\n<li>C\u00e0i \u0111\u1eb7t STAS tr\u00ean AD<\/li>\n\n\n\n<li>C\u1ea5u h\u00ecnh STAS tr\u00ean AD<\/li>\n\n\n\n<li>Th\u00eam AD server v\u00e0o Sophos XGS \u0111\u1ec3 x\u00e1c th\u1ef1c user doman<\/li>\n\n\n\n<li>\u0110i\u1ec1u ch\u1ec9nh c\u1ea5u h\u00ecnh service \u0111\u1ec3 x\u00e1c th\u1ef1c b\u1eb1ng AD server&nbsp;<\/li>\n\n\n\n<li>C\u1ea5u h\u00ecnh STAS tr\u00ean XGS firewall<\/li>\n\n\n\n<li>T\u1ea1o firewall rule v\u1edbi source identify l\u00e0 group, user \u0111\u1ec3 s\u1eed d\u1ee5ng x\u00e1c th\u1ef1c STAS<\/li>\n\n\n\n<li>Ki\u1ec3m tra ho\u1ea1t \u0111\u1ed9ng STAS&nbsp;<\/li>\n\n\n\n<li>Ki\u1ec3m tra giao di\u1ec7n report, monitoring, logging<\/li>\n\n\n\n<li>Ki\u1ec3m tra t\u00ednh n\u0103ng ch\u1eb7n web app tr\u00ean c\u00e1c m\u00e1y tr\u1ea1m.<\/li>\n<\/ul>\n\n\n\n<p><strong>H\u01b0\u1edbng d\u1eabn c\u1ea5u h\u00ecnh<\/strong><\/p>\n\n\n\n<p><strong>B1:<\/strong> C\u1ea5u h\u00ecnh ADS<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>C\u1ea5u h\u00ecnh tr\u00ean AD&nbsp;<\/li>\n\n\n\n<li>\u0110\u0103ng nh\u1eadp v\u00e0o AD server v\u1edbi \u0111\u1ecba ch\u1ec9 IP l\u00e0 10.0.0.200<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-1.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sau khi v\u00e0o \u0111\u01b0\u1ee3c trang giao di\u1ec7n c\u1ee7a vmware esxi, ch\u00fang ta b\u1eaft \u0111\u1ea7u t\u1ea1o 1 con AD m\u1edbi. Chu\u1ed9t ph\u1ea3i v\u00e0o <strong>Virtual Machines &gt; CreateRegister VM<\/strong>&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-2.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ch\u1ecdn <strong>Create a new virtual machine<\/strong> sau \u0111\u00f3 b\u1ea5m <strong>next&nbsp;<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-3.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0110\u1eb7t t\u00ean cho m\u00e1y l\u00e0 <strong>AD-son &gt; Guest OS family<\/strong> ch\u1ecdn<strong> windows &gt; Guest OS version <\/strong>ch\u1ecdn <strong>Microsoft Windows Server 2019 (64-bit)<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-4.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Storage \u1edf \u0111\u00e2y m\u00ecnh ch\u1ec9 c\u00f3 1 kho d\u1eef li\u1ec7u v\u00e0 m\u00ecnh ch\u1ecdn&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-5.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CPU <\/strong>ch\u1ecdn <strong>2<\/strong> <strong>&gt; Memory<\/strong> ch\u1ecdn <strong>4096 MB &gt; hard disk<\/strong> ch\u1ecdn <strong>40 GB Network adapter 1 <\/strong>ch\u1ecdn <strong>VMnetwork &gt; CD\/DVD Drive 1<\/strong> ch\u1ecdn <strong>datastore ISO file &gt; video card<\/strong> v\u00e0o m\u1ee5c <strong>default setttings<\/strong> v\u00e0 ch\u1ecdn <strong>file window iso&nbsp;<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-6.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-7.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sau khi nh\u1ea5n<strong> finish<\/strong> ta s\u1ebd c\u00f3 \u0111\u01b0\u1ee3c m\u00e1y \u1ea3o <strong>AD-son<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-8.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>B\u1ea5m<\/strong> <strong>v\u00e0o m\u00e1y \u1ea3o v\u00e0 b\u1eaft \u0111\u1ea7u<\/strong> <strong>kh\u1edfi ch\u1ea1y &gt;<\/strong> <strong>\u0111\u0103ng nh\u1eadp<\/strong> <strong>v\u00e0o acc admin&nbsp;<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-9.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Khi v\u00e0o s\u1ebd hi\u1ec7n <strong>giao di\u1ec7n qu\u1ea3n tr\u1ecb<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-10.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo ch\u00fang ta v\u00e0o <strong>th\u01b0 m\u1ee5c sophos<\/strong> \u1edf \u1ed5 \u0111\u0129a C <strong>\u0111\u1ec3 c\u1ea5p quy\u1ec1n<\/strong> cho \u1ee9ng d\u1ee5ng<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-11.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-12.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>&#8211; Nh\u1ea5n <strong>Edit<\/strong> v\u00e0 t\u00ecm t\u1eeb kh\u00f3a <strong>Administrator (SONVACIF\\Administrator)<\/strong> sau \u0111\u00f3 <strong>tick ch\u1ecdn t\u1ea5t c\u1ea3 c\u00e1c quy\u1ec1n<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-13.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-14.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>\u0110\u1ec3 c\u1ea5u h\u00ecnh quy\u1ec1n c\u1ee7a ng\u01b0\u1eddi d\u00f9ng STAS tr\u00ean B\u1ed9 \u0111i\u1ec1u khi\u1ec3n mi\u1ec1n (Domain Controller), l\u00e0m nh\u01b0 sau:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>M\u1edf <strong>Command Prompt<\/strong> v\u00e0 nh\u1eadp <strong>dsa.msc<\/strong> \u0111\u1ec3 m\u1edf <strong>Active Directory Users and Computers<\/strong>.<\/li>\n\n\n\n<li>Nh\u1ea5p chu\u1ed9t ph\u1ea3i v\u00e0o ng\u01b0\u1eddi d\u00f9ng STAS v\u00e0 ch\u1ecdn <strong>Properties.<\/strong><\/li>\n\n\n\n<li>Ch\u1ecdn <strong>Member of<\/strong> v\u00e0 nh\u1ea5p <strong>Add<\/strong>.<\/li>\n\n\n\n<li>Th\u00eam ng\u01b0\u1eddi d\u00f9ng v\u00e0o c\u00e1c nh\u00f3m <strong>Domain Users<\/strong> v\u00e0 <strong>Event Log Readers.<\/strong><\/li>\n\n\n\n<li>Nh\u1ea5p <strong>OK <\/strong>khi ho\u00e0n th\u00e0nh.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-15.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo nh\u1eadp v\u00e0o thanh t\u00ecm ki\u1ebfm g\u00f5 t\u1eeb kh\u00f3a <strong>local security policy<\/strong> \u0111\u1ec3 xem <strong>setting b\u1ea3o m\u1eadt<\/strong> v\u00e0 tick ch\u1ecdn 2 n\u00fat <strong>Success v\u00e0 Failure<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-16.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo v\u00e0o m\u1ee5c <strong>user rights Assignment &gt;&gt; Log on as a service &gt;&gt; add user son<\/strong> v\u00e0 <strong>Administrator<\/strong> v\u00e0o&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-17.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>V\u00e0o <strong>Advanced Audit Policy Configuration &gt;&gt; system Audit Policies &gt;&gt; Account Logon &gt;&gt; tick ch\u1ecdn c\u1ea3 2&nbsp;<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-18.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo v\u00e0o m\u1ee5c <strong>Logon\/Logoff &gt;&gt; tick ch\u1ecdn c\u1ea3 2<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-19.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>B3: C\u00e0i \u0111\u1eb7t STAS tr\u00ean AD Server<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0110\u0103ng nh\u1eadp v\u00e0o trang <strong>user portal<\/strong> b\u1eb1ng c\u00e1c t\u00e0i kho\u1ea3n \u0111\u00e3 t\u1ea1o \u1edf server manager \u0111\u1ec3 <strong>t\u1ea3i STAS<\/strong><\/li>\n\n\n\n<li><strong>Download Client &gt;&gt; Download for windows<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-20.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-21.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Kh\u1edfi ch\u1ea1y \u1ee9ng d\u1ee5ng b\u1eb1ng quy\u1ec1n <strong>admin &gt;&gt; ch\u1ecdn SSO Suite<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-22.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-23.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>&#8211; Nh\u1eadp <strong>username v\u00e0 password<\/strong> t\u00e0i kho\u1ea3n <strong>administrator domain <\/strong><a href=\"about:blank\"><strong>(administrator@sonvacif.com)<\/strong><\/a><strong> &gt;&gt; b\u1ea5m next<\/strong><\/p>\n\n\n\n<p>&#8211; Nh\u1ea5n finish \u0111\u1ec3 ho\u00e0n th\u00e0nh c\u00e0i \u0111\u1eb7t<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-24.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>B4: C\u1ea5u h\u00ecnh STAS<\/strong><\/p>\n\n\n\n<p>&#8211; M\u1edf <strong>STAS<\/strong> b\u1eb1ng c\u00e1ch double v\u00e0o <strong>Sophos Transparent Authentication Suite<\/strong> tr\u00ean m\u00e0n h\u00ecnh desktop<\/p>\n\n\n\n<p>&#8211; Tr\u00ean <strong>STA Collector<\/strong>:&nbsp;<\/p>\n\n\n\n<p>+ \u1ede m\u1ee5c <strong>Sophos Appliance &gt;&gt;<\/strong> Nh\u1ea5n <strong>Add<\/strong> \u0111\u1ec3 <strong>th\u00eam \u0111\u1ecba ch\u1ec9 IP<\/strong> c\u1ee7a <strong>port LAN c\u1ee7a sophos XGS<\/strong> (ip port 1 LAN c\u1ee7a m\u00ecnh l\u00e0 192.168.223.0\/24 v\u00e0 IP c\u1ee7a AD server 10.0.0.0\/24)<\/p>\n\n\n\n<p>+ \u1ede <strong>Workstation Polling Settings:<\/strong> Ch\u1ecdn <strong>WMI<\/strong><\/p>\n\n\n\n<p>+ \u1ede <strong>Logoff Detection Settings<\/strong> v\u00e0 <strong>Appliance Port &gt;&gt;<\/strong> Gi\u1eef c\u1ea5u h\u00ecnh <strong>default<\/strong><\/p>\n\n\n\n<p>-&gt; Nh\u1ea5n <strong>Apply<\/strong><\/p>\n\n\n\n<p>+<strong> STA Agent<\/strong> s\u1ebd gi\u00e1m s\u00e1t c\u00e1c y\u00eau c\u1ea7u x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng v\u00e0 g\u1eedi th\u00f4ng tin \u0111\u1ebfn b\u1ed9 thu th\u1eadp \u0111\u1ec3 x\u00e1c th\u1ef1c Sau \u0111\u00f3 <strong>STA Collector <\/strong>s\u1ebd thu th\u1eadp c\u00e1c y\u00eau c\u1ea7u x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng t\u1eeb t\u00e1c nh\u00e2n, x\u1eed l\u00fd c\u00e1c y\u00eau c\u1ea7u v\u00e0 g\u1eedi ch\u00fang \u0111\u1ebfn t\u01b0\u1eddng l\u1eeda \u0111\u1ec3 x\u00e1c th\u1ef1c.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-24.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Tr\u00ean <strong>STA Agent<\/strong><\/p>\n\n\n\n<p>\u1ede m\u1ee5c <strong>Monitor Networks &gt;&gt;<\/strong> <strong>Nh\u1ea5n Add<\/strong> \u0111\u1ec3 th\u00eam <strong>LAN network<\/strong> m\u00e0 b\u1ea1n mu\u1ed1n x\u00e1c th\u1ef1c<\/p>\n\n\n\n<p>-&gt; Nh\u1ea5n <strong>Apply<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-25.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>&#8211; \u1ede General tab<\/strong><\/p>\n\n\n\n<p>+ Nh\u1eadp<strong> NetBIOS<\/strong> c\u1ee7a domain<\/p>\n\n\n\n<p>+ Nh\u1eadp <strong>FQDN<\/strong> c\u1ee7a domain<\/p>\n\n\n\n<p>+ Nh\u1ea5n <strong>Start <\/strong>\u0111\u1ec3 kh\u1edfi \u0111\u1ed9ng<strong> STAS<\/strong><\/p>\n\n\n\n<p>-&gt; Nh\u1ea5n <strong>Apply <\/strong>-&gt; Nh\u1ea5n <strong>OK<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-26.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>B5: Th\u00eam AD server v\u00e0o Sophos XGS \u0111\u1ec3 x\u00e1c th\u1ef1c user domain<\/strong><\/p>\n\n\n\n<p><strong>C\u1ea5u h\u00ecnh tr\u00ean Sophos XGS<\/strong><\/p>\n\n\n\n<p><strong>Authentication -&gt; Server -&gt;<\/strong> Nh\u1ea5n&nbsp;<strong>Add<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u1ede m\u1ee5c&nbsp;<strong>Server type<\/strong>: Ch\u1ecdn&nbsp;<strong>Active Directory<\/strong><\/li>\n\n\n\n<li><strong>Server name<\/strong>: Nh\u1eadp t\u00ean server m\u00e0 b\u1ea1n mu\u1ed1n qu\u1ea3n l\u00fd<\/li>\n\n\n\n<li><strong>Server IP\/domain<\/strong>: Nh\u1eadp \u0111\u1ecba ch\u1ec9 IP c\u1ee7a AD<\/li>\n\n\n\n<li><strong>Port<\/strong>: 389<\/li>\n\n\n\n<li><strong>NetBIOS domain<\/strong>: Nh\u1eadp t\u00ean NetBIOS c\u1ee7a AD<\/li>\n\n\n\n<li><strong>ADS username<\/strong>: Nh\u1eadp administrator<\/li>\n\n\n\n<li><strong>Password<\/strong>: Nh\u1eadp password c\u1ee7a t\u00e0i kho\u1ea3n administrator<\/li>\n\n\n\n<li><strong>Connection security<\/strong>: Ch\u1ecdn Simple<\/li>\n\n\n\n<li><strong>Display name attribute<\/strong>: Nh\u1eadp t\u00ean cho server m\u00e0 b\u1ea1n mu\u1ed1n qu\u1ea3n l\u00fd<\/li>\n\n\n\n<li><strong>Email address attribute<\/strong>: Nh\u1eadp email m\u00e0 b\u1ea1n mu\u1ed1n (c\u00f3 th\u1ec3 \u0111\u1ec3 tr\u1ed1ng)<\/li>\n\n\n\n<li><strong>Domain name<\/strong>: Nh\u1eadp domain name<\/li>\n<\/ul>\n\n\n\n<p><strong>&#8211; Search queries<\/strong>: Nh\u1eadp domain name theo \u0111\u1ecbnh d\u1ea1ng queries (VD: dc=vcf,dc=com)<\/p>\n\n\n\n<p>-&gt; Nh\u1ea5n&nbsp;<strong>Test connection<\/strong>&nbsp;-&gt; Nh\u1ea5n&nbsp;<strong>Save<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-27.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Khi t\u1ea1o xong s\u1ebd hi\u1ec7n <strong>Server AD-son<\/strong><\/li>\n\n\n\n<li>V\u00e0o <strong>import <\/strong>\u0111\u1ec3 <strong>add group v\u00e0 user<\/strong> t\u1eeb <strong>AD server<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-28.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-29.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>&#8211; <strong>Tick ch\u1ecdn<\/strong> <strong>group v\u00e0 users<\/strong> m\u00ecnh mu\u1ed1n add&nbsp;<\/p>\n\n\n\n<p>-&gt; B\u1ea5m <strong>next&nbsp;<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-30.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-31.png\" alt=\"\"\/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>B6: \u0110i\u1ec1u ch\u1ec9nh c\u1ea5u h\u00ecnh Service cho x\u00e1c th\u1ef1c b\u1eb1ng AD server<\/strong><\/h4>\n\n\n\n<p><strong>Authentication -&gt; Services<\/strong><\/p>\n\n\n\n<p>\u1ede&nbsp;<strong>Firewall authentication methods<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ch\u1ecdn <strong>AD<\/strong> c\u1ee7a b\u1ea1n v\u00e0 <strong>b\u1ecf ch\u1ecdn Local<\/strong><\/li>\n\n\n\n<li>\u1ede&nbsp;<strong>Default group<\/strong>: Ch\u1ecdn OU m\u00e0 b\u1ea1n mu\u1ed1n th\u00eam<\/li>\n<\/ul>\n\n\n\n<p>-&gt; Nh\u1ea5n&nbsp;<strong>Apply<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-32.png\" alt=\"\"\/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>B7: C\u1ea5u h\u00ecnh STAS tr\u00ean XGS firewall<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Authentication -&gt; B\u1eadt STAS<\/strong> b\u1eb1ng c\u00e1ch ch\u1ecdn&nbsp;<strong>ON&nbsp;<\/strong>v\u00e0 nh\u1ea5n&nbsp;<strong>Active STAS<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-33.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nh\u1eadp \u0111\u1ecba ch\u1ec9 <strong>IP<\/strong> c\u1ee7a <strong>AD Server<\/strong> \u1edf m\u1ee5c <strong>Collector IP -&gt;<\/strong> Nh\u1ea5n&nbsp;<strong>Save<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-34.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-35.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><strong>B8: V\u00e0o m\u00e1y \u1ea3o VMWare Workstation \u0111\u1ec3 t\u1ea1o client&nbsp;<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u1ede \u0111\u00e2y m\u00ecnh \u0111\u00e3 t\u1ea1o 2 m\u00e1y c\u00f3 t\u00ean <strong>l\u00e0 Client-PC1 v\u00e0 Client-PC3<\/strong><\/li>\n\n\n\n<li><strong>Client -PC1<\/strong> c\u00f3 \u0111\u1ecba ch\u1ec9 <strong>IP LAN l\u00e0 172.17.17.22<\/strong><\/li>\n\n\n\n<li><strong>Client-PC3<\/strong> c\u00f3 \u0111\u1ecba ch\u1ec9 <strong>IP LAN l\u00e0 172.17.17.21<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-36.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-37.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sau khi \u0111\u0103ng nh\u1eadp v\u00e0o c\u00e1c user th\u00ec ch\u00fang ta quay l\u1ea1i <strong>AD server<\/strong> \u0111\u1ec3 <strong>ki\u1ec3m tra Live users<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-38.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo \u0111\u1ec3 c\u00f3 th\u1ec3 <strong>hi\u1ec7n user<\/strong> th\u00ec ch\u00fang ta c\u1ea7n ph\u1ea3i \u0111\u0103ng nh\u1eadp v\u00e0o trang <strong>user portal &gt;&gt; \u0111\u0103ng nh\u1eadp v\u00e0o user<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-39.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-40.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sau \u0111\u00f3 quay l\u1ea1i trang <strong>Sophos &gt;&gt; Authentication &gt;&gt; users &gt;&gt;<\/strong> <strong>nh\u1ea5n Purge AD users<\/strong> \u0111\u1ec3 hi\u1ec7n users l\u00ean<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-41.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-42.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp t\u1ee5c v\u00e0o m\u1ee5c <strong>current activities &gt;&gt; Live users<\/strong> \u0111\u1ec3 <strong>ki\u1ec3m tra<\/strong> c\u00e1c <strong>users \u0111ang ho\u1ea1t \u0111\u1ed9ng<\/strong> (Sau khi th\u00e0nh c\u00f4ng c\u00e1c b\u01b0\u1edbc tr\u00ean m\u1edbi hi\u1ec7n \u0111\u01b0\u1ee3c c\u00e1c Live users)&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-43.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo v\u00e0o Rules and policies &gt;&gt; Firewall Rules &gt;&gt; Add firewall rule &gt;&gt; new firewall rule<\/li>\n\n\n\n<li>Rule name: Block user domain&nbsp;<\/li>\n\n\n\n<li>Tick ch\u1ecdn log firewall traffic ghi l\u1ea1i l\u01b0u l\u01b0\u1ee3ng truy c\u1eadp&nbsp;<\/li>\n\n\n\n<li>Source zones &gt;&gt; LAN<\/li>\n\n\n\n<li>Destination zones &gt;&gt; WAN&nbsp;<\/li>\n\n\n\n<li><strong>Source networks and devices &gt;&gt; Ch\u1ecdn IP c\u00e1c m\u00e1y users m\u00e0 m\u00ecnh \u0111\u00e3 t\u1ea1o \u0111\u1ec3 \u00e1p d\u1ee5ng c\u00e1c quy t\u1eafc<\/strong><\/li>\n\n\n\n<li><strong>Destination network &gt;&gt; Any<\/strong><\/li>\n\n\n\n<li>Tick ch\u1ecdn <strong>match know users &gt;&gt; <\/strong>ch\u1ecdn <strong>user ho\u1eb7c group<\/strong> m\u00e0 m\u00ecnh mu\u1ed1n x\u00e1c th\u1ef1c<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-44.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-45.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-46.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo &gt;&gt; t\u1ea1o li\u00ean k\u1ebft NAT &gt;&gt;<strong> create linked NAT rule &gt;&gt;<\/strong> <strong>m\u1ee5c translated source (SNAT) &gt;&gt;<\/strong> ch\u1ecdn <strong>MASQ<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-47.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u0110\u1ec3 ch\u1eb7n web v\u00e0 app th\u00ec tick ch\u1ecdn v\u00e0o <strong>web policy &gt;&gt; ch\u1ecdn policy<\/strong> minh \u0111\u00e3 t\u1ea1o (\u1edf \u0111\u00e2y m\u00ecnh \u0111\u00e3 t\u1ea1o policy \u0111\u1ec3 ch\u1eb7n instagram v\u00e0 youtube) <strong>&gt;&gt;&nbsp; tick ch\u1ecdn Block QUIC protocol<\/strong> (s\u1eed d\u1ee5ng QUIC c\u00f3 th\u1ec3 v\u01b0\u1ee3t qua qu\u00e1 tr\u00ecnh l\u1ecdc web. Vi\u1ec7c b\u1eadt t\u00f9y ch\u1ecdn n\u00e0y s\u1ebd \u0111\u1ea3m b\u1ea3o c\u00e1c trang web \u0111\u00f3 s\u1eed d\u1ee5ng <strong>HTTP\/S) &gt;&gt;<\/strong> <strong>Nh\u1ea5n Save &nbsp;<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-48.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Ti\u1ebfp theo &gt;&gt; v\u00e0o ph\u1ea7n <strong>Administrator &gt;&gt;<\/strong> tick ch\u1ecdn <strong>Client<\/strong> \u1edf <strong>zone LAN &gt;&gt; <\/strong>nh\u1ea5n<strong> apply<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-49.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sau \u0111\u00f3 ch\u00fang ta v\u00e0o l\u1ea1i 2 m\u00e1y \u1ea3o <strong>PC 1 v\u00e0 PC 3 &gt;&gt; \u1edf PC 3<\/strong> v\u00e0o <strong>instagram<\/strong> th\u00ec <strong>b\u1ecb ch\u1eb7n<\/strong> c\u00f2n <strong>PC 1<\/strong> th\u00ec v\u1eabn <strong>v\u00f4 \u0111\u01b0\u1ee3c b\u00ecnh th\u01b0\u1eddng<\/strong> (<strong>L\u01b0u \u00fd<\/strong> <strong>c\u00e1c m\u00e1y ph\u1ea3i trong domain v\u00e0 c\u00f9ng chung 1 m\u1ea1ng LAN th\u00ec m\u1edbi l\u00e0m \u0111\u01b0\u1ee3c)<\/strong><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-50-1024x575.png\" alt=\"\" class=\"wp-image-20183\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/uploads.thegioifirewall.com\/2024\/08\/cau-hinh-xac-thuc-user-domain-giua-sophos-xgs-va-ad-server-51-1024x575.png\" alt=\"\" class=\"wp-image-20184\"\/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>B\u00e0i vi\u1ebft h\u01b0\u1edbng d\u1eabn c\u00e1ch c\u1ea5u h\u00ecnh STAS \u0111\u1ec3 qu\u1ea3n l\u00fd users v\u00e0 group truy c\u1eadp web v\u00e0 app trong domain, \u0111\u00e2y l\u00e0 t\u00ednh n\u0103ng cung c\u1ea5p kh\u1ea3 n\u0103ng x\u00e1c th\u1ef1c ng\u01b0\u1eddi d\u00f9ng trong m\u1ea1ng n\u1ed9i b\u1ed9 m\u1ed9t c\u00e1ch t\u1ef1 \u0111\u1ed9ng ch\u1ec9 c\u1ea7n \u0111\u0103ng nh\u1eadp tr\u00ean m\u00e1y tr\u1ea1m c\u1ee7a ng\u01b0\u1eddi d\u00f9ng. V\u00e0 c\u0169ng kh\u00f4ng c\u1ea7n [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":20297,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[80],"tags":[454,452,455],"class_list":["post-20171","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-huong-dan-tai-lieu","tag-ad-server","tag-sophos-xgs","tag-stas","entry","has-media"],"_links":{"self":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/comments?post=20171"}],"version-history":[{"count":1,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20171\/revisions"}],"predecessor-version":[{"id":20307,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/20171\/revisions\/20307"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media\/20297"}],"wp:attachment":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media?parent=20171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/categories?post=20171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/tags?post=20171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}