Redundant – Cisco ASA 5505 User Manual

Page 717

36-5

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 36 Configuring the Identity Firewall

Information About the Identity Firewall

Figure 36-2

Deployment Scenario without Redundancy

As shown in

Figure 36-3

, you can deploy the Identity Firewall components to support redundancy.

Scenario 1 shows a deployment with multiple Active Directory servers and a single AD Agent installed
on a separate Windows server. Scenario 2 shows a deployment with multiple Active Directory servers
and multiple AD Agents installed on separate Windows servers.

Figure 36-3

Deployment Scenario with Redundant Components

As shown in

Figure 36-4

, all Identity Firewall components—Active Directory server, the AD Agent, and

the clients—are installed and communicate on the LAN.

Figure 36-4

LAN -based Deployment

Scenario 1

Scenario 2

xxxxxx

Agent

ASA

AD Server

AD Agent

ASA

AD Server

AD Agent

Agent

No Redundancy

Scenario 1

Scenario 2

xxxxxx

ASA

AD Server

AD Agent

Agent

Redundant

Agent

AD Server

ASA

LAN

xxxxxx

Client

ASA

AD Servers

AD Agent

Agent

mktg.sample.com

10.1.1.2

WMI

RADIU

NetBIOS Probe

This manual is related to the following products:

ASA 5585-X ASA 5555-X ASA 5545-X ASA 5525-X ASA 5515-X ASA 5512-X ASA 5580 ASA 5550 ASA 5540 ASA 5520 ASA 5510 ASA 5500 Series