Select User Identification Service for Secure SD-WAN Engines
You can select the User Identification Service for each Secure SD-WAN Engine in the Engine Editor.
Each User Identification Service can be associated with one or more Secure SD-WAN Engines, but only one User Identification Service can be selected for each
Secure SD-WAN Engine.
Note: The Integrated User ID Service is primarily meant for demonstration purposes and proof-of-concept testing of user
identification services.
For more details about the product and how to configure features, click Help or press F1.
Steps
Engine Editor > Add-Ons > User Identification
Use this branch to select a User Identification Service element.
Note: These settings are not supported for Master Engines or Virtual Engines.
Option | Definition |
---|---|
User Identification Service | The Forcepoint User ID Service and Integrated User ID Service provide user, group, and IP address information that can be used in transparent user
identification. The Integrated User ID Service is primarily meant for demonstration purposes and proof-of-concept testing of user identification services.
Note: For Secure SD-WAN version 6.4 or higher, we recommend that you use the Forcepoint User ID Service.
|
Network Filters section (When a Forcepoint User ID Service element is selected) | |
IP Ranges (Optional) |
To prevent the Secure SD-WAN Engine from receiving too many logon events, specify the IP address
ranges of networks from which to receive logon events. Click Add to add an element to the list, or Remove to remove the selected element. We recommend adding the IP address ranges of networks for which the Secure SD-WAN Engine routes traffic. Note: Network filters do not
exclude other IP addresses outside of the specified IP address range if a user has at least one logon in the specified IP address range. The Secure SD-WAN Engine might still receive logon events from other IP address ranges.
|