All Topics » Pulse Policy Secure



MAG UAC SRX lisence


jiff.clare
Contributor (11)
Dec 5, 2013 12:06am

hi all

i have question regarding uac lisence

if i want to make mag integrate with srx to apply policy on srx per user group in active directory,

this mean that i can not use any nac feature in mag appliance, cause i read article that say if you enable srx user role lisence on mag so nac feature will be disabled,

https://www.juniper.net/techpubs/en_US/uac/topics/reference/general/uac-enforcer-application-policies-licensing-about.html

so please i need confirmation for that




kalagesan
Contributor (11)
Correct Answer
Dec 5, 2013 12:38am

Hi,

 

Your understanding is correct.

 

The following admin UI pages are hidden when the MAGx600-UAC-SRX license is applied:


UAC: Infranet Enforcer: IPsec Routing, IP Address Pools
Authentication Servers: all are hidden except for Active Directory and local
authentication
Endpoint Security and Host Checker
UAC: Network Access (Layer 2 options)
UAC: Host Enforcer
IF-MAP Federation
Junos Pulse and Odyssey Access Client installation option
Agent settings for user roles

 

You can use SRX Series user role policies with or without the
MAGx600-UAC-SRX license as an alternative to resource access policies
with a standard UAC license.

There is no single sign-on capability without the MAGx600-UAC-SRX license.

 

Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

 

Regards,
Kannan

    jiff.clare
    Contributor (11)
    Dec 5, 2013 1:34am

    thanks, and i contact juniper for that to have a final confirmation

    jiff.clare
    Contributor (11)
    Dec 5, 2013 1:45am

    hi kalagesan

     

    thanks alot, but i if i dont have srx integration lisence and only have the common lisence, so can mag integrate with active directory for only authentication purpose without single sign on, so i can built policy in srx based on uer role and srx integrate with mag and mag authenticate the users only from active directory, or i can have local database for user in mag and integrate srx with it without lisence