2 Replies Latest reply: Mar 13, 2013 12:57 PM by jkeranen RSS

    Smart filtering with AD usernames and groups

    jkeranen

      I am in the process of configuring smart filtering on our Sidewinder V8.     Does this firewall mesh with AD?    I want to know if Active Directory usernames/groups are available to me when setting up network objects and access control rules on the sidewinder.     Thanks in advance for any help you can provide.

       

      JK

        • 1. Re: Smart filtering with AD usernames and groups
          PhilM

          If you are using v8 I would suggest that the best route for you to follow is to download and install the McAfee Logon Collector (MLC) from their web site.

           

          MLC is made up of two components a collector and a monitor. When installing in a small network environment, I believe the default installation will install both components onto the same machine. In larger environments you can install a single collector instance and then multiple monitors around the netowrk.

           

          MLC monitors the user log in/log out events on the domain controllers and builds a table of users against IP addresses.

           

          In the passive authenticator configuration on the Firewall you can then point it at the IP address of the MLC collector installation. The Firewall will now know this information, along with the user's domain group membership. You will then be able to create access control rules based on the user/group information provided by MLC and each rule can have its own application defense group assigned, each with its own assigned SmartFilter policy.

           

          -Phil.

          • 2. Re: Smart filtering with AD usernames and groups
            jkeranen

            Thanks Phil.   THat is what I needed to know.   Appreciate it.