SEC0165 - ASA FirePower Network Discovery (User with AD User Agent) (Part 1)
Category:
Security
The video demonstrates how you can leverage user identity information within Cisco ASA FirePower and FireSight System as part of User Network Discovery. We will use the AD User Agent to obtain user-to-IP mapping and integrate with Active Directory to obtain user and group information. This information can be used to tie user identity to network traffic and can be included in Access Control rules for access enforcement.
Part 1 of this video goes through the AD User Agent installation to get user-to-IP mapping.
Topic:
- Network Discovery with User
- AD User Agent Install
- LDAP/AD Integration
- Discovery Policy
- User-to-IP Mapping
- User Profile
5 comments
User Agent Configuration
Hi Metha,
I have a question about User Agent configuration: which permissions/rights need to be configured on Active Directory to successfully add the Active Directory server to the User Agent?
If we install the User Agent on the Active Directory server or on any other host.
Thanks!
User Agent Configuration
Please see link below.
http://www.cisco.com/c/en/us/support/docs/security/firesight-management-...
User Agent Configuration
Thanks...
Same Device but Different user
Hello Metha,
Can a laptop with two different user domains, one with Admin and the other with Guest, have different policy rules? The laptop IP address remains the same.
So when the admin logs in, he gets to access certain websites, and if the user logs in, he is denied and allowed certain websites.
The user groups are created on AD.
Same Device but Different user
As long as they both are domain users with different AD user group membership, absolutely. Each time a user logs in, the Firepower User Agent detects it and maps the user to the device IP. Once the traffic hits FP, it can look up the user's AD group and apply the appropriate rules.