Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
carl_t
Participant

Identity awareness - just to see traffic only

Hi All

We do not have identity awareness switched on at the min, we use IP based objects only.

If I wanted to switch it on just so we can log the users traffic etc, would this be OK?

Would this not cause any impact to my current rulebase?

Would it automatically start putting the user in the logs?

 

Cheers

 

0 Kudos
Reply
3 Replies
Maarten_Sjouw
Champion
Champion

It would not impact the database, it will collect the information and can have a very slight performance impact, so when your gateway is already at it's peak of its capabilities (fully loaded memory and multiple cores close to 100%) I would not activate it, but in all other case there would not be a noticable impact.

In your logs you should indeed see user information pop up (if your allowed to see it).

Regards, Maarten
0 Kudos
Reply
Kaspars_Zibarts
Authority
Authority

Additionally to @Maarten_Sjouw , you can utilize affinity to separate fwk cores from IA (pdpd and pepd) work this approach you would have zero impact. That's of you have enough CPU cores to play with.

0 Kudos
Reply
PhoneBoy
Admin
Admin

We've supported this even before we had support do Identity Awareness in the rulebase (back in R71), so yes.

0 Kudos
Reply