Filter
Top Products
39-10
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 39 Configuring the Identity Firewall
Configuring the Identity Firewall
Note Before running the AD Agent Installer, you must install the following patches on every Microsoft Active
Directory server that the AD Agent monitors. These patches are required even when the AD Agent is
installed directly on the domain controller server. See the README First for the Cisco Active Directory
Agent.
Configuring the Identity Firewall
This section contains the following topic:
• Task Flow for Configuring the Identity Firewall, page 10
• Configuring the Active Directory Domain, page 11
• Configuring Active Directory Server Groups, page 13
• Configuring Active Directory Server Groups, page 13
• Configuring Active Directory Agent Groups, page 15
• Configuring Identity Options, page 16
• Configuring Identity-based Access Rules, page 19
• Configuring Local User Groups, page 21
• Configuring Cut-through Proxy Authentication, page 22
Task Flow for Configuring the Identity Firewall
Prerequisite
Before configuring the Identity Firewall in the ASA, you must meet the prerequisites for the AD Agent
and Microsoft Active Directory. See Prerequisites, page 9 for information.
Task Flow in the ASA
To configure the Identity Firewall, perform the following tasks:
Step 1 Configure the Active Directory domain in the ASA.
See Configuring the Active Directory Domain, page 11 and Configuring Active Directory Server
Groups, page 13.
See also Deployment Scenarios, page 4 for the ways in which you can deploy the Active Directory
servers to meet your environment requirements.
Step 2 Configure the AD Agent in ASA.
See Configuring Active Directory Server Groups, page 13 and Configuring Active Directory Agent
Groups, page 15.
See also Deployment Scenarios, page 4 for the ways in which you can deploy the AD Agents to meet
your environment requirements.
Step 3 Configure Identity Options.
See Configuring Identity Options, page 16.