Procedure); Configuring If-Map Session Import Policy On The Secure Access Device (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual
Configuring secure access devices guide
Hide thumbs
Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01:
- Manual (444 pages) ,
- Administration manual (1026 pages) ,
- Installation manual (244 pages)
Table of Contents
Advertisement
Configuring Secure Access Devices Guide
Related
Documentation
Configuring IF-MAP Session Import Policy on the Secure Access Device (NSM
Procedure)
288
Table 84: IF–MAP Session-Export Policy Configuration Details (continued)
Option
Function
Set IF-MAP
Specifies a passed Host
Device
Checker policy on the
Attributes
Infranet Controller or SA
appliance.
Configuring IF-MAP Client Settings on the Secure Access Device (NSM Procedure) on
page 284
Configuring IF-MAP Session Import Policy on the Secure Access Device (NSM
Procedure) on page 288
The session-export policies that you create allow IF-MAP data that represents a session
to be stored on the IF-MAP server. Session-import policies specify how the Secure Access
device derives a set of roles and a username from the IF-MAP data in the IF-MAP server.
Session-import policies establish rules for importing user sessions from a different Infranet
Controller or SA appliance. Import policies allow you to match authenticated users with
corresponding roles on the target device. For example, you might configure an import
policy to specify that when IF-MAP data for a session includes the "Contractor" capability,
the imported session should have the "limited" role. Session-import policies allow the
device to properly assign roles based on information that the IF-MAP server provides.
To configure a session-import policy:
In the NSM navigation tree, select Device Manager > Devices. Click the Device Tree
1.
tab, and then double-click the Secure Access device for which you want to configure
a session-import policy.
Click the Configuration tab. In the configuration tree, select System > IF–MAP
2.
Federation > Session-Import Policies.
Add or modify settings as specified in Table 85 on page 289.
3.
Click one:
4.
OK—Saves the changes.
Cancel—Cancels the modifications.
Your Action
Select this action and the following options
appear.
Copy Host Checker policy names—Select this
option to copy the name of each Host Checker
policy that passed for the session to a device
attribute.
Set device attributes specified below—Select
this option to set the specified device
attributes. The Device Attributes option
appears. From Device Attributes, click New and
enter a specified device attribute.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Chapters
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 and is the answer not in the manual?
Questions and answers