Secure Mobile Access 12.4 Administration Guide

Using Realms and Communities

When you set up realms and user communities, AMC enables you to specify which access agents are provisioned to members of the communities. You also have the option of classifying community members’ devices into “zones of trust.” The following illustration shows how a realm authenticates users, assigns them to communities to provision access agents and, with End Point Control enabled, assigns community members to different zones based on the trustworthiness of their computers.

If your network uses only one authentication server to store user information, then you probably need to create only one realm in AMC. If your network uses multiple authentication servers, you must create at least one realm for each of them. You can also create multiple realms in AMC that reference separate user populations in a single external repository.

Using only one authentication realm doesn’t limit your ability to create subsets of users based on their access needs or other security considerations, because realms must be associated with communities of users. A community can consist of all users in a realm or only selected users; it is used to deploy access agents and to enforce End Point Control restrictions for members of a community. For information on communities, see Configuring an SMA Appliance to Send RADIUS Accounting Records to a Firewall.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.