for Cisco Firepower Management Center 2000
35-39
FireSIGHT System User Guide
Chapter 35 Introduction to Network Discovery
Obtaining User Data from LDAP Servers
A message appears, confirming that you want to apply the policy to all zones targeted by access control
policies on the Defense Center.
Step 3 Click Yes to apply the policy.
Obtaining User Data from LDAP Servers
License: FireSIGHT
The FireSIGHT System can obtain both user identity and user activity information from your
organization’s LDAP servers.
User Agents allow you to monitor users when they authenticate against Active Directory credentials on
Microsoft Active Directory servers. You can install an agent on any Microsoft Windows 7 or Microsoft
Windows Server 2008 device with TCP/IP access to the Microsoft Active Directory servers you want to
monitor. Each agent can monitor logins on up to five servers.
The agents send records of those logins to the Defense Center, which logs and reports them as user
activity. This supplements any user activity detected directly by managed devices. More important, the
logins reported by User Agents associate users with IP addresses, which in turn allows access control
rules with user conditions to trigger.
You can configure a connection between the Defense Center and LDAP servers. This connection not only
allows you to retrieve metadata for the users whose logins were detected by User Agents, but also is used
to specify the users and groups you want to use in access control rules.
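The mechanism described above (agent-reported logins binding a user to an IP address, directory data supplying group membership, and access control rules with user conditions matching on that binding) as an added illustration in Python. This is not Cisco code and does not model the FireSIGHT implementation; the login records, the group data under LDAP_GROUPS, the rule names and the first-match evaluation are all constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime
from typing import Dict, List, Optional, Set, Tuple


# Constructed sample shapes (not taken from any real agent or directory):
# what a User Agent reports, and what an LDAP connection would supply.
@dataclass(frozen=True)
class LoginRecord:
    timestamp: datetime
    user: str  # account name as the agent saw it, e.g. a sAMAccountName
    ip: str    # address the user authenticated from


# Group membership as it would be retrieved over the LDAP connection (constructed).
LDAP_GROUPS: Dict[str, Set[str]] = {
    "jdoe": {"Engineering", "VPN-Users"},
    "asmith": {"Finance"},
}


@dataclass
class Rule:
    name: str
    action: str                      # "allow" or "block"
    users: Set[str] = field(default_factory=set)
    groups: Set[str] = field(default_factory=set)
    dest_port: Optional[int] = None  # None means any destination port


class UserIPMap:
    """Current user-to-IP association built from agent login reports.

    The most recent login seen for an address wins, so a second user logging
    in at the same workstation replaces the first, even if the reports arrive
    out of order."""

    def __init__(self) -> None:
        self._by_ip: Dict[str, LoginRecord] = {}

    def record_login(self, rec: LoginRecord) -> None:
        current = self._by_ip.get(rec.ip)
        if current is None or rec.timestamp > current.timestamp:
            self._by_ip[rec.ip] = rec

    def user_for(self, ip: str) -> Optional[str]:
        rec = self._by_ip.get(ip)
        return rec.user if rec else None


def evaluate(rules: List[Rule], user_map: UserIPMap,
             src_ip: str, dest_port: int) -> Tuple[str, str]:
    """First-match evaluation. A rule carrying a user or group condition can
    only match when the source address has a known user; with no identity
    for the address the rule is skipped and later rules are tried."""
    user = user_map.user_for(src_ip)
    for rule in rules:
        if rule.dest_port is not None and rule.dest_port != dest_port:
            continue
        if rule.users or rule.groups:
            if user is None:
                continue
            groups = LDAP_GROUPS.get(user, set())
            if user not in rule.users and not (groups & rule.groups):
                continue
        return rule.name, rule.action
    return "default", "block"


def build_state() -> Tuple[UserIPMap, List[Rule]]:
    """Constructed logins (deliberately out of order) and a small rule set."""
    m = UserIPMap()
    for rec in [
        LoginRecord(datetime(2024, 1, 8, 9, 30), "asmith", "10.0.0.5"),
        LoginRecord(datetime(2024, 1, 8, 9, 0), "jdoe", "10.0.0.5"),   # older
        LoginRecord(datetime(2024, 1, 8, 9, 45), "jdoe", "10.0.0.7"),
    ]:
        m.record_login(rec)
    rules = [
        Rule("finance-db", "allow", groups={"Finance"}, dest_port=1433),
        Rule("eng-ssh", "allow", groups={"Engineering"}, dest_port=22),
        Rule("web-any", "allow", dest_port=443),  # no user condition
    ]
    return m, rules


if __name__ == "__main__":
    user_map, rules = build_state()
    for ip, port in [("10.0.0.5", 1433), ("10.0.0.5", 22),
                     ("10.0.0.7", 22), ("10.0.0.9", 22), ("10.0.0.9", 443)]:
        print(ip, port, user_map.user_for(ip), evaluate(rules, user_map, ip, port))
```

Two points the run makes concrete: the later asmith login supersedes jdoe on 10.0.0.5, so the Finance rule, not the Engineering rule, applies to that address; and traffic from 10.0.0.9, which no agent has reported a login for, can only match rules without user conditions. That second case is why, without the agent-reported bindings, rules with user conditions never trigger.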
Note
Legacy agents, which you install on your Microsoft Active Directory servers, also monitor users when
they authenticate against Active Directory credentials. However, you should plan to transition to Version
2.0 of the User Agent as soon as possible in preparation for end of support for legacy agents in future
releases.
Creating LDAP Connections with the Defense Center
License: FireSIGHT
If you want to perform user control (that is, write access control rules with user conditions), you must
configure a connection between the Defense Center and at least one of your organization’s Microsoft
Active Directory servers. This configuration, called an LDAP connection or a user awareness