topic For now we don't support it in Network Security

Monitor Multiple Users Logged to Terminal servers

guibarati — Tue, 12 Mar 2019 12:47:25 GMT

How can I monitor different users logged in to a single terminal server with different permissions?

From what I know user agent 2.2 couldn't identify it, does anything change on 2.3?

Thanks

You can not do that.

Dinkar Sharma — Tue, 20 Oct 2015 09:18:56 GMT

You can not do that. FirePOWER would only be able to learn about the last user who logged into the terminal server and implement the policy accordingly. As of now we don't support it. I have filed an enhancement request to add a different approach to it CSCuw60492.

Thanks,

Dinkar

Are there any information to

securantakra — Fri, 25 Mar 2016 19:22:13 GMT

Are there any information to fix this in future or to get this enhancement? Does anybody have access to the roadmap?

If we have more than one user the per user permissions are obsolete.

Any ideas for a workaround?

For now we don't support it

Dinkar Sharma — Fri, 25 Mar 2016 19:44:49 GMT

For now we don't support it and there is no roadmap for this feature. You can get in touch with your Cisco Accounts team and they can get in touch with BU to discuss the roadmap for this feature.

Thanks,

Dinkar

Hi Dinkar,

securantakra — Sat, 26 Mar 2016 07:02:55 GMT

Hi Dinkar,

thanks for this information. I will contact my Cisco accounts.

There is a new feature in 6.0.1 called "Captive Portal and Active Authentication"

In order to provide better visibility in mapping users to IP addresses and their associated network events, the Captive Portal and Active Authentication feature can be configured to require users to enter their credentials when prompted through a browser window. The mapping also allows policies to be based on a user or group of users. This feature supplements the existing Sourcefire User Agent (SUA) integration with Active Directory to address non-Windows environments, BYOD users, and guests.

I think this could be a way to get the user information even if they connected to a terminal server. The user have to authenticate each session, this is not convenient but it works.

What do you think?

regards

securantakra

Hi,

shansfeldt — Wed, 31 Aug 2016 10:53:40 GMT

Hi,

Seems to be available in 6.1.0.

Note: The TS Agent feature (VDI Identity Support) is available in a limited availability program adjacent to Version 6.1.