IP to user mapping unreliable

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

IP to user mapping unreliable

L4 Transporter

Situation: PC connected to our domain. Domain users log on to it. Domain users have internet access.

The same PC is used for assessments. These (external) users log on with a local user account (not known as a domain user). These users are not allowed to have internet access.

If a domain user has logged on to the PC, the IP is mapped to the user. If the domain user logs off, the IP mapping remains (until timeout). If in the meantime a local user logs on, he/she has full internet access.

This posed two severe problems:

1. Traffic coming from that PC is mistakenly logged as coming from that user.

2. Policies for denying applications based on user don't work.

How can I make the device reliably identify users and allow/deny applications ?

32 REPLIES 32

For us too WMI probing improved the situation. However, some (older) pc still had local Windows firewalls active, by default it did not allow the probing.

We took the quick and dirty fix: disabled Windows firewall with group policy when connected to the domain.

Good to know thanks!

L0 Member

Hi

i think wmi/netbios probing does not work if the client machine is a non windows based,e.g. Mac book

Pa should consider to read logoff event to solve this problem, cannot 100% but at least 95%

  • 12526 Views
  • 32 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!