View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Home » Security » SEC0227 - ASA Firepower 6.0 Passive and Active Authentication (Part 3)

SEC0227 - ASA Firepower 6.0 Passive and Active Authentication (Part 3)

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>
Category: 
Security
The video walks you through two available methods of obtaining user identity on ASA Firepower 6.0; Passive and Active authentication. We will configure Passive authentication using Firepower User Agent to obtain User-to-IP mapping and enforce differentiated network access based on AD user group membership. We will also configure Active authentication as a backup method to obtain user identity from a non-domain computer.
 
Part 3 of this video covers Active Authentication configuration
 
Topic:
  • Passive Authentication
    • Firepower User Agent
    • LDAP Integration
  • Active Authentication
    • ASA Captive Portal
  • Identity Policy
  • Access Control Policy
Tag: 
asa
firepower
sourcefire
ngfw
ldap
user agent
identity

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
http://www.linkedin.com/in/methachiewanichakorn

2 comments

Submitted by orkhan.r on Thu, 05/02/2019 - 00:37

You deleted fir active authentication mapping in Users tab manually. I wonder if IDLE after how much it will delete that mapping. Moreover, i want to know if i change user without deleting that mapping, will it change it?

Submitted by andy.b on Fri, 07/10/2020 - 04:12

Hi!

Excellent video.

You mentioned about SAN certificate to avoid certificate warning for active authentication.

Please, could you share more information on this. How to create this certificate?

Thank you!