Hello,
I would like to know how user-to-IP mapping works in Cisco Firepower 9300 and 4100 appliances.
Below are my questions:
1. Maximum number of AD servers supported in FTD?
2. Can we integrate existing syslog with FTD for identity-based policy?
3. Can we integrate Citrix XenApp with FTD for identity-based policy?
4. Can we integrate a third-party authorization server with FTD for identity-based policy?
5. Can access be allowed/denied based on the device that the user used for the previous login?
6. Identity firewall solution for non-domain devices, including personal mobile devices?
7. Maximum user-to-IP mappings supported on the FTD 9300 appliance?
8. Maximum user groups supported on the FTD 9300 appliance?
9. How many IP addresses can a user identity be mapped against?
10. Can the timer be set per server (different for AD and syslog)?
11. In case of failover to the standby device, is the user-IP and user-group database synchronisation achieved, including other run-time information?
12. Can segregation be performed based on access from domain and non-domain devices (i.e. differential user access levels from domain and non-domain devices)?
13. Capability to extend the user identification policies to personal mobile devices?
14. If a single user logs in through multiple devices (including domain, non-domain and mobile), how will the identity FW react to this?
15. Support for client IP probing and configurability of the probe timing?
16. Integration with McAfee SIEM, any open source SIEM, Nessus Vulnerability Scanner?
Thanks
Shubham