Got it
Huawei Enterprise Support Community
Community Forums Security
SACG Authentication Proce...

SACG Authentication Process

Latest reply: Apr 21, 2022 05:16:56 122 7 4 0 0
View the author 1#


Continuation.  The beginning can be viewed at this link SACG authentication


SACG Authentication Process


The SACG authentication process is as follows: 

 

  • The SACG sends a message to the controller, requesting the synchronization of the rules of the pre-authentication domain, and post-authentication domain, and converts the obtained rules into ACLS.  After the administrator configures the switch, firewall interfaces, and firewall security policies, the firewall sends a connection request to the controller periodically (at an interval of 10 minutes).  Therefore, the administrator needs to configure the firewall to allow the local security zone (firewall itself) to access the security zone of the controller.


  • After the connection is established, the controller delivers the rules of the configured pre-authentication domain, and post-authentication domain to the firewall.  


  • An end user enters the user name and password on the AnyOffice or another client to initiate an identity authentication request.  

  • If the end user does not install the AnyOffice, the SACG pushes the URL (of a web or WebAgent page) configured on the firewall to the end user so that the end user can be authenticated through the web page.  


  • The controller returns the authentication result.  If the authentication fails, the end user can access only resources in the pre-authentication domain.


  • The SACG Switches the terminal's IP address to the corresponding domain and returns the execution result to the controller.  


  • The controller compares the policy on the server with the local policy.  If the policies are different, the controller delivers the latest security policy to the client.  If the policies are the same, the controller does not perform the policy delivery operation but returns a response packet to the client.  


  • The end user assesses the network.  When a packet from the terminal passes through the SACG, the SACG uses the ACL of the corresponding authentication domain to limit the network resources that the end user can access.


continuing the theme  SACG Application Scenario


If you are interested in this topic and want to read the continuation, like and write in the comments.

SACG Authentication Process

Like (4) Dislike (0) Favorite(0) Share Report
Previous: USG2220 supports DHCP protection
Next: The Overview of Data Integrity - PART- 03
(2) (0)
2#
thisu
Created 4 days ago

Good share
View more
  • x
  • convention:

RNT
RNT Created 4 days ago (0) (0)
 
(1) (0)
3#
Saqibaz
Created 4 days ago

Thanks for sharing
View more
  • x
  • convention:

RNT
RNT Created 4 days ago (0) (0)
 
(0) (0)
4#
RNT
Created 4 days ago

@harisaliehsan @Irshadhussain @Anno7 @adrian_alucard @Nikica @TyphoonSvg @NTan33 @user_4523405 @maithi

welcome!
View more
  • x
  • convention:
(1) (0)
5#
DienLg
Created 7 Hours ago

Thanks for sharing
View more
  • x
  • convention:

RNT
RNT Created 4 Hours ago (0) (0)
 
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.