Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
467 Views 3 Replies Latest reply: May 15, 2013 6:52 AM by senthilbabu RSS
akeller Newcomer 2 posts since
May 26, 2011
Currently Being Moderated

May 15, 2013 3:09 AM

Logon Collector in Terminal-Server/Citrix environments

Hi there,


relating to this topic: I´d just like to know if the stated limitations to the Logon-Collector (LC) still

exist (LC doesn´t work with TS/Citrix)?


We´re about to move all our users from decentralized ISA-2004-Proxies to a centralized McAfee Enterprise Firewall and since we´re using

IE over Citrix (in some cases) it will be helpful to know if we have to look for alternatives.


Thanks in advance,



  • senthilbabu McAfee Employee 6 posts since
    Mar 19, 2011

    Hi Andre,


    The limitation still exist.  MLC picks up logon events from the Domain controller's log events directly. And, MLC maintains one user logon per ip address.

    In Citrix environment, if the logon events get registered on DC with one common ip address for multiple users, then it will not maintain all the logon events from a single ip address.



  • senthilbabu McAfee Employee 6 posts since
    Mar 19, 2011

    Hi Andre,


    It should be possible to achieve that by using Active passports instead of passive passports. I have not verified it personally. Someone else may be able to confirm.


    As far as roadmap for Logon collector is concerned, we do not see support for TS-Servers in the near future.



More Like This

  • Retrieving data ...

Bookmarked By (0)


  • Correct Answers - 5 points
  • Helpful Answers - 3 points