STAS Best Practice

As far as I understands how STAS works, it just reads the DC security event log and sends the user, user's logon / log off event and associated IP address to the XG when querried. The XG and Firewall rules will do the rest with the result set. When there are performance issues with reading the event log on the DC the identity probe by the XG will fail.

Can your user's be logged on to devices in multiple vlans at the same time and no seperate DC per VLAN?  Have you tested it? I am not sure if that will confuse the STAS query results. 

STAS is EOL and no word yet on a replacement.

STAS is not EoL. SATC is going to be End of Life (31.07). SATC is the terminal server solution and will be migrated to Intercept X for server. 

STAS (collector) is also using WMI to check, if the user is still online. 

You can install multiple STAS agents to query the DC and one Collector to pump the data to all XGs. 

STAS is not EoL. SATC is going to be End of Life (31.07). SATC is the terminal server solution and will be migrated to Intercept X for server. 

STAS (collector) is also using WMI to check, if the user is still online. 

You can install multiple STAS agents to query the DC and one Collector to pump the data to all XGs. 

Hi LuCar Toni,

You are right I am mixing up SATC / STAS as we have that issue.

We are still waiting for news on the migration of SATC to Intercept X for Sever. Currently STAS SSO and Web Proxy works when I am logged on to my pc. When I also connect from the pc to the RDS server and login and use the web proxy it will throw random category page blocks. It do not have that issue when I VPN in and connect to the RDS. In the log I show up with my PC IP and the RDS server IP. So a user showing with multiple IP adresses will cause problems. In our case it is in the same VLAN

Regards,

Fred