The identity awareness agent interface – Amer Networks E5Web GUI User Manual

Figure 8.4. The Identity Awareness Agent Interface

The Encryption Key and Listening IP should be set to the same values configured in the cOS Core
Authentication Agent object.

The Encryption Key will take on a default value if specified and this will be the same as the default
value of the Pre-Shared Key property of a cOS Core Authentication Agent object if it is not explicitly
specified. However, it is strongly recommended that this default key value is changed as soon as
possible.

The Allowed IP/Networks can optionally be used to specify from which external IPs the agent will
allow for connection with cOS Core. The default value of 0.0.0.0/0 will allow connections from any
IP address.

Note: The IDA service is not aware of cOS Core authentication

The purpose of the IDA service is to send details of user logins to cOS Core. This
communication is one way and the IDA service is not aware of the authentications
being carried out by cOS Core and does not display this information in its interface.

The Identity Awareness Agent (IDA) software must be installed on all domain controller servers
that are part of the domain being authenticated.

Using IDA with a Windows Terminal Server™

In some environments, a Terminal Server may be used as well as a domain controller. If this is the
case, the IDA service is installed as before but the option Remote Desktop IP Virtualization should
be enabled.

The terminal server itself must have the following attributes:

Chapter 8: User Authentication

554