3 Replies Latest reply: May 15, 2013 6:52 AM by senthilbabu RSS

    Logon Collector in Terminal-Server/Citrix environments

    akeller

      Hi there,

       

      relating to this topic: https://community.mcafee.com/thread/32507 I´d just like to know if the stated limitations to the Logon-Collector (LC) still

      exist (LC doesn´t work with TS/Citrix)?

       

      We´re about to move all our users from decentralized ISA-2004-Proxies to a centralized McAfee Enterprise Firewall and since we´re using

      IE over Citrix (in some cases) it will be helpful to know if we have to look for alternatives.

       

      Thanks in advance,

       

      Andre

        • 1. Re: Logon Collector in Terminal-Server/Citrix environments
          senthilbabu

          Hi Andre,

           

          The limitation still exist.  MLC picks up logon events from the Domain controller's log events directly. And, MLC maintains one user logon per ip address.

          In Citrix environment, if the logon events get registered on DC with one common ip address for multiple users, then it will not maintain all the logon events from a single ip address.

           

          -Senthil

          • 2. Re: Logon Collector in Terminal-Server/Citrix environments
            akeller

            Hi Senthil,

             

            thanks for your info. This is bad news indeed...do you happen to know if we could bypass "passive authentication" with an "Active Directory Active authentication"-rule?
            Even though our users propably will have to authenticate twice it might help us not to look for alternatives right now.

             

            Also, is there a roadmap available for the logon collector? Are TS-Servers on it?

             

            Cheers,

            Andre

             

            Nachricht geändert durch akeller on 15.05.13 05:29:43 CDT
            • 3. Re: Logon Collector in Terminal-Server/Citrix environments
              senthilbabu

              Hi Andre,

               

              It should be possible to achieve that by using Active passports instead of passive passports. I have not verified it personally. Someone else may be able to confirm.

               

              As far as roadmap for Logon collector is concerned, we do not see support for TS-Servers in the near future.

               

              -Senthil