SonicWALL SMA - Deploying Different Agents to Different Users

To Next Page

To Previous Page

SonicWallSMAConnectTunnel12.0DeploymentPlanningGuide

CommonVPNConfigurations

Useraccessagentsaredeployedonaper‐communitybasis.Whenconfiguringausercommunity,youcan

specifywhichaccessmethodswillbeavailabletocommunitymemberstoconnecttoresourcesonyour

network.

WhenauserlogsintoWorkPlaceforthefirsttime,WorkPlaceautomaticallyprovisionsandinstallsthe



appropriateuseraccessagentbasedontheuser’scommunitysettings.Theagentthatisdeployedwillbe

installedontheuser’scomputer;onsubsequentconnectionsfromthesamecomputerwiththesameWeb

browser,thatsameagentisautomaticallydeployed.

Topics:

• DeployingtheSameAgentstoAllUsersonpage47

• DeployingDifferentAgentstoDifferentUsersonpage47

DeployingtheSameAgentstoAllUsers

WhenyoucreateanauthenticationrealminAMC,adefaultcommunityassociatedwiththerealmisalso

automaticallycreated.This singlecommunitymaybesufficientifyouhaveahomogenousgroupofuserswhose

resourceneedsandaccessmethodsareidentical.

Toconfigureasinglecommunity:

1CreatearealmontheGeneralsectionoftheConfigureRealmpagethatref erencesanexternal

authenticationserver.AMCautomaticallycreatesadefaultcommunitythatisreferencedbytherealm.

Thedefaultcommunitysettingsareglobalandapplytoanyrealmsthatreferenceit.

2Configurethecommunitybyselectingtheusers

orgroupswhobelongtoit,theaccessmethodsthey ’ll

usetoconnect totheVPN,andoptionallyanyEndPointControloptions.

Ifyouhaveadiversegroupofremoteusers,you’llprobablywanttocreatemultiplecommunities.

DeployingDifferentAgentstoDifferentUsers

Multiplecommunitiesgiveyoutheflexibilitytoprovisiondifferentaccessagentstodifferentpopulationsof

users,andtodeploydifferentEndPointControlconfigurations.Evenifyourusersarestoredonasingleexternal

authenticationserver,youmaywanttosegmentthembyfunctioninyourorganization,bythetypesof



resourcestowhichtheyneedaccess,orforsecurityreasons.

Forexample,youmaywanttocreateacommunityforthoseemployeeswhouseIT‐managedlaptopsforremote

access,andprovisionthemwiththeConnectTunnelclienttoallowthemextensiveaccesstoyournetwork

resources.Foryourbusinesspartners,

youmaywanttocreateacommunitythatrestrictsthemtoWebaccess

andassignsthemtoanEndPointControlzonethatprovisionsadataprotectiontooltoremoveallsessiondata

aftertheylogoff.

TheconfigurationstepsinvolvedincreatingmultiplecommunitiesaredescribedinDeploymentScenario:

RemoteAccessforEmployeesandPartnersonpage25.

Related product manuals