Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1011
Views
1
Helpful
2
Replies

Centralized Configuration for WSA with Authentication Realm

Go to solution
Garry Cross
Level 1
Level 1

‎03-18-2019 10:00 AM

Hi I cannot find clarification with regard to the above topic.

We have 8 WSA in various cities across the country. Each have a realm configured with the same name. All are using the same configuration otherwise. Each locations Realm is slightly different in terms of the AD server they are configured with. Each has 3 targets the first of which is the local Domain Controller, then one in another city and finally the one in the data center.

 

What I don't understand is the comments in the user guide about using different authentication realms. Since the realm itself is local to the WSA and can't be configured on the SMA it is my expectation that the Realm itself is not centrally managed and not pushed to the individual WSA's. The only thing that would be an issue if different Realm names were in use the the policies configured. Is this a correct statement?

 

We are getting ready to do centralized config and would like to know other's experiences in this regard.

 

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sadik.sener1
Level 1
Level 1
In response to Johnatan Dire

‎03-29-2019 05:09 AM

Hi,

If you are using the same realm name it should not prevent you from using SMA.

 

Sma is using the configurations under the Web Security menu.  

 

There, you have your identification profile. Your identification profile knows which realm it will consume to get identity information.

 

As long as the realm name matches, it will not consider which servers does that realm connect. (To get user ip mappings.)

SMA should not change the configurations of Realm even if you want it to do.

 

Sadik

View solution in original post

2 Replies 2

Go to solution
Johnatan Dire
Level 1
Level 1

‎03-22-2019 12:50 AM

i have this problems too. can you help me?

0 Helpful

Go to solution
sadik.sener1
Level 1
Level 1
In response to Johnatan Dire

‎03-29-2019 05:09 AM

Hi,

If you are using the same realm name it should not prevent you from using SMA.

 

Sma is using the configurations under the Web Security menu.  

 

There, you have your identification profile. Your identification profile knows which realm it will consume to get identity information.

 

As long as the realm name matches, it will not consider which servers does that realm connect. (To get user ip mappings.)

SMA should not change the configurations of Realm even if you want it to do.

 

Sadik

Customers Also Viewed These Support Documents