TSM interworking in USG2000/5000 hot standby in-path mode

3

This example describes the typical network and configuration method for TSM interworking in USG2000/5000 hot standby in-path mode.
The networking requirements of this example are as follows:
A company deploys a TSM server group and USG firewalls in hot standby mode.
Requirements are as follows:
?wo TSM Controllers are deployed. If the USGs cannot interwork with both TSM Controllers, the USGs do not control terminal hosts. That is, all traffic from the terminal hosts is permitted.

?erminal hosts in the company network have the TSM proxy software installed. To authenticate guests, the NGFWs must be configured to authenticate end users on the web UI, who do not have the TSM proxy software installed.

?sers in different roles can access specific network resources. The account lee is used as an example. The user can access only the "service system," not resources in the post-authentication domain.

?f an end user passes identity authentication but fails security authentication, fixing measures must be taken in the isolation domain, such as patch download and virus database updates.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top