Identity Sources

This section describes the Identity Sources.

Identity Sources determine how the Identity Awareness Security Gateway learns the user names and computers that generate traffic on the network.

You must enable the applicable identity sources in the Identity Awareness Security Gateway object > Identity Awareness page, and install the Access Control Policy.

Identity Source

Description

Browser-Based Authentication

See Browser-Based Authentication

Identities are acquired through the authentication web portal on Identity Awareness Gateway (Captive Portal), or Transparent Kerberos Authentication.

Active Directory Query (AD Query)

See AD Query

Identities are acquired seamlessly from the Microsoft Active Directory.

This is a clientless identity acquisition tool.

Identity Agents

See Identity Agents

Identities are acquired using Identity Agents that are installed on the user endpoint computers.

Terminal Servers

See Terminal Servers

Identities are acquired using Identity Agents that are installed on Windows-based application server that hosts Terminal Servers, Citrix XenApp, and Citrix XenDesktop services.

These Identity Agents are used to identify traffic from individual users on Terminal Servers.

RADIUS Accounting

See RADIUS Accounting

Identities are acquired using RADIUS Accounting directly from a RADIUS Accounting Client.

Identity Collector

See Identity Collector

Identities are acquired using Identity Agents that are installed on Microsoft Active Directory Domain Controllers, Cisco Identity Services Engine (ISE) Servers, or NetIQ eDirectory Servers.

Identity Web API

See Identity Web API

Gives you a flexible method for creating identities.

Remote Access

See Remote Access

Identities are acquired for Mobile Access clients and IPsec VPN clients configured to work in Office Mode, when they connect to the Security Gateway.

For this to work, you must enable both the Identity Awareness and IPsec VPN Software Blades on the same Security Gateway.