Working with User Awareness
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide
In the User Awareness page you can turn the blade on or off and use the configuration wizard
to configure sources to get user identities for logging and configuration purposes.
User Awareness lets you configure the Quantum Spark Appliance to show user-based logs
instead of IP-address-based logs and to enforce access control for individual users and user
groups.
Workflow
1. Turn on the User Awareness Software Blade.
2. Click the Configuration wizard to enable and configure the blade.
3. Select the identification methods to get information about users and user groups and
configure the identity sources.
4. After initial configuration, you can select the Active Directory Queries, Browser-Based
Authentication, or Identity Collector checkboxes in the Policy Configuration section
and click Configure for more advanced settings.
5. After the gateway acquires the identity of a user, you can enforce user-based rules on
the network traffic in the Access Policy.
Identity Sources
User Awareness can use these sources to identify users:
• AD Query (Active Directory Queries) - Seamlessly queries the Active Directory servers
to get user information.
The Quantum Spark Appliance registers to receive security event logs from the AD
domain controllers when the security policy is installed. This requires administrator
privileges for the AD server. When a user authenticates with AD credentials, these event
logs are generated and are sent to the Security Gateway. The Quantum Spark Appliance
can then identify the user based on the AD security event log.
• Browser-Based Authentication - Uses a portal to authenticate locally defined
users, or serves as a backup to other identification methods.
  ◦ Browser-Based Authentication uses a web interface to authenticate users before
they can access network resources or the Internet. When users try to access a
protected resource, they must log in to a web page to continue. This identifies
locally defined users or users that were not successfully identified by other
methods.
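
The AD Query flow described above amounts to building an IP-to-user table from domain controller logon events. The Python sketch below is an added example, not Check Point code; the event IDs (Windows Security log 4624 and 4768), the field names, the 12-hour mapping lifetime and the sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: event IDs follow the Windows Security log (4624 = account
# logon, 4768 = Kerberos TGT request). The appliance's own parser and
# timeout are not described on this page.
LOGON_EVENT_IDS = {4624, 4768}
ASSOCIATION_TTL = timedelta(hours=12)  # hypothetical mapping lifetime

# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    {"id": 4768, "time": "2024-05-01T08:00:00", "user": "alice", "ip": "::ffff:10.0.0.21"},
    {"id": 4624, "time": "2024-05-01T08:00:05", "user": "WS-021$", "ip": "10.0.0.21"},
    {"id": 4624, "time": "2024-05-01T08:30:00", "user": "bob", "ip": "10.0.0.35"},
    {"id": 4624, "time": "2024-05-01T09:00:00", "user": "svc_backup", "ip": "-"},
    {"id": 4634, "time": "2024-05-01T09:05:00", "user": "bob", "ip": "10.0.0.35"},
    {"id": 4768, "time": "2024-05-01T09:10:00", "user": "carol", "ip": "10.0.0.21"},
]

def normalize_ip(raw):
    """Strip the IPv4-mapped IPv6 prefix; return None for empty or local addresses."""
    ip = raw[7:] if raw.startswith("::ffff:") else raw
    return None if ip in ("", "-", "127.0.0.1", "::1") else ip

def build_identity_table(events, excluded_users=()):
    """Return {ip: (user, last_seen)}. The latest logon on an IP wins,
    so a host shared by several users is ambiguous."""
    table = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        ip = normalize_ip(ev["ip"])
        if ev["id"] not in LOGON_EVENT_IDS or ip is None:
            continue  # not a logon event, or no usable source address
        user = ev["user"]
        if user.endswith("$") or user.lower() in excluded_users:
            continue  # computer and service accounts are not people
        table[ip] = (user, datetime.fromisoformat(ev["time"]))
    return table

def lookup(table, ip, now):
    """Resolve an IP to a user, or None if unknown or the mapping expired."""
    entry = table.get(ip)
    if entry is None or now - entry[1] > ASSOCIATION_TTL:
        return None
    return entry[0]
```

An address that resolves to `None` here corresponds to a user who was not identified by this source and would need another identification method, such as Browser-Based Authentication.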