I have been reading the R80.10 vSEC limitations (sk110519), and have encountered this:
To enforce security policy with imported Data Center objects, the following conditions must be met on every vSEC Gateway, on which such policy is installed:
- vSEC Controller Enforcer Hotfix must be installed
- Identity Awareness blade must be activated with Terminal Servers authentication
The R80.10 vSEC Controller Administration Guide describes the procedure for enabling this functionality.
But I do not recall seeing this requirement in actual vSEC deployment guides.
Can someone shed a light on what's what with the IA with Terminal Services for vSEC?