Справочник Пользователя для SonicWALL 5.8.1
User Management
1011
SonicOS 5.8.1 Administrator Guide
How Does SonicWALL Terminal Services Agent Work?
The SonicWALL TSA can be installed on any Windows Server machine with Terminal Services
or Citrix installed. The server must belong to a Windows domain that can communicate with the
SonicWALL security appliance directly using the IP address or using a path, such as VPN.
or Citrix installed. The server must belong to a Windows domain that can communicate with the
SonicWALL security appliance directly using the IP address or using a path, such as VPN.
For installation instructions for the SonicWALL TSA, refer to the
.
See the following sections for information about the SonicWALL TSA:
•
•
•
•
•
Internet
SonicWALL UTM Appliance
LDAP
Server
SonicWALL SSO with Terminal Services Agent
Communication in these steps
is encrypted when the user
name and domain are included,
using a shared key which is
generated by the TSA.
is encrypted when the user
name and domain are included,
using a shared key which is
generated by the TSA.
A client logs into the network via the Terminal Services or Citrix server and attempts to access the
Internet or other network resources for the first time.
Internet or other network resources for the first time.
The TSA on the Terminal Services or Citrix server notifies the SonicWALL UTM of the user’s name,
domain, the session ID, the connection IP address, port, and protocol. The UTM sends a reply.
domain, the session ID, the connection IP address, port, and protocol. The UTM sends a reply.
The SonicWALL UTM queries the LDAP server or the local database for the user’s group member-
ships.
ships.
The SonicWALL UTM checks the groups against Firewall,
CFS, and App FW policies, and grants access accordingly,
allocates a user number for the user on the terminal server,
and logs the user in.
CFS, and App FW policies, and grants access accordingly,
allocates a user number for the user on the terminal server,
and logs the user in.
The user closes the Internet connection and the TSA
notifies the UTM of the close.
notifies the UTM of the close.
The user opens further connections, and steps (2) and (5),
but not (3) and (4), are repeated for each connection.
but not (3) and (4), are repeated for each connection.
When the user logs out of the terminal server, the TSA
notifies the SonicWALL UTM of the logout and the user is
logged out on the UTM.
notifies the SonicWALL UTM of the logout and the user is
logged out on the UTM.
Network Security Appliance
1
5
4
2
3
1
2
3
4
5
6
6
7
7
2
3
Steps