Consumer Device

Client devices are responsible for actively retrieving (and/or passively receiving) the latest IP-to-user-identity mappings from the Cisco CDA. A consumer device is responsible for:

 • Retrieving the IP-to-user-identity mappings from the Cisco CDA.

 • Receiving notifications of IP-to-user-identity mappings from the Cisco CDA.

 • Enforcing identity based firewall policy.

 • Basic monitoring of the Active Directory connectivity via the Cisco CDA.

 • Retrieving group information directly from the Active Directory.

 • Web-auth fallback for IPs that the Cisco CDA did not map to identity.

 • Forwarding of new mappings revealed by consumer devices via the web-auth to the Cisco CDA.

 • Forwarding IP-to-user-identity mapping for VPN sessions.

 • Running NetBIOS probing and forwarding disconnect notification to the Cisco CDA.

These updates are sent as RADIUS Accounting-Request messages.

Related Topics:

 • Active Directory Domain Controller Machines

 • Syslog Servers