beautypg.com

HP Identity Driven Manager Software Series User Manual

Page 56

background image

2-40

Getting Started
Monitoring User Session Information

Click the option check boxes to select (check) or deselect (clear) the following
options.

1. Select the Configuration Deployment option to automatically deploy IDM

configuration settings (Access Profiles, Locations, Times, Network Resources)
to the IDM agent. The default preference is to allow automatic configuration
deployment.

Select the Disable automatic deploy to IDM agents option if you do not want to
use automatic IDM configuration deployment.
If you “disable” the Configuration Deployment option. in order for IDM config-
uration changes to take affect you will need to manually deploy the configuration
to the IDM agent(s).

2. Select the Client Re-authentication option to automatically trigger re-authenti-

cation of clients upon registration, based solely on the port to which they are
connected. Enabling this option should be done with care as multiple clients can
be connected to a port at a time. Re-authentication is first triggered based on the
port and MAC address of the client. In case of failure and if this option is not
disabled, re-authentication will be triggered based on only the port to which the
client is connected.

3. Select the Wireless Settings option to allow configuration of Identity Manage-

ment features for select PCM wireless devices. The default preference has the
Enable enhanced wireless support option checked. When this option is
unchecked, wireless configuration options will not be visible and will not be
applicable in rule evaluation.

4. Select the Enable Endpoint Integrity option to enable endpoint integrity in the

Access Rules definitions, allowing you to configure an Access Rule with one of
the Endpoint Integrity options (Pass, Fail or ANY). When you enable Endpoint
Integrity and set the attribute in a Global Access Rule or Access Policy Group
rule, the IDM agent will look for the RADIUS attribute in the supplicant’s
authentication request and act accordingly, applying the defined access rule
based on the endpoint integrity system response.

5. Select the Enable User session accounting option to collect information about

user logins and logouts. This must be selected if you want to collect data for user
logins and bandwidth usage, which is used for the Bandwidth, Session, and User
reports.

6. To generate user session start and stop events and display them in the IDM Events

list, select the Generate Session Start and Stop Events check box. This option
does not affect accounting or collection of session history and statistical infor-
mation. Turning this option off will reduce the load on your IDM server and the
GUI by eliminating two-thirds of the events created for every user login and
logout.