Announcement

Collapse
No announcement yet.

Auth connector status email alert

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Auth connector status email alert

    Hi All,

    I understand that we can configure two Auth connectors as Primary and Secondary for resiliency. Is it possible to send email alert if the Primary Auth Connector is down? I navigate to the Portal, checked KB's and Admin Guides, but I cannot find the portion for this kind of alerts option.

    Hope to hear any response from you.


    Thanks and regards,
    Joeb

  • #2
    Originally posted by JBM View Post
    Hi All,

    I understand that we can configure two Auth connectors as Primary and Secondary for resiliency. Is it possible to send email alert if the Primary Auth Connector is down? I navigate to the Portal, checked KB's and Admin Guides, but I cannot find the portion for this kind of alerts option.

    Hope to hear any response from you.


    Thanks and regards,
    Joeb
    JBM,
    The only closest thing you could try is editing the Default Notifications for Health Checks >General and select E-mail notification for "Notify for each IP address" and see if that would trigger per each IP/FQDN entered for your Auth connectors pending the Severity drop down you chose. Only downside is this affects the default for all services, not just auth connectors.

    I'm not aware of any other way to trigger, unless you put in a FR (Feature Request).

    Thanks,
    AKH

    Comment


    • #3
      Hi AKH,

      I think you are pertaining on the on-prem Proxy.

      Apology for the confusion, I'm pertaining on WSS itself. I just want to confirm if there is no option to send email alerts for Location and Auth Connector status in WSS?


      Thanks and regards,
      Joeb

      Comment


      • #4
        Hello JBM,

        As per my understanding you want to have some form of monitoring on the primary and secondary auth connectors much like health checks except in WSS. From my knowledge this is not possible in WSS to monitor the availability of Auth Connectors. however if it would be possible at all then an alert would be created from (Reporting -> Reporting Alerts -> Add Alert). Other then this id suggest you'd use some sort of SNMP monitoring such as Nagious.

        Best of luck

        BR
        Matt Jonson

        Comment


        • #5
          Hi Matt,

          Thank you for the input. Your point seems to be confirmed as I can't find any setting or option in the portal.

          However, I have a follow up question. What will happen to the Users incase both my primary and secondary Auth connector are down/unreachable? Is there any exception page to be shown if Auth connectors are down, just like the on-prem Proxy?

          Appreciate it for anyone who can share any input.


          Thanks and regards.

          Comment


          • #6
            Hello JBM,

            I've personally never tried to disconnect the auth connector but from what the auth connector does the impact will differ depending on the access method you're using.

            The auth connector works almost the same way as BCAA.
            It forwards user and group information to the cloud proxy to allow custom policy based on group and/or user names before they begin generating traffic; without it, you must wait until users/groups generate traffic and then reactively create policies.

            The Auth Connector is not required for all Access Methods. However, as mentioned above the auth connector is required if you plan to create custom policy based on user and group names and in some methods view reports based on user/groups the sole exception is Explicit Proxy Without Captive Portal enabled because no authentication occurs.

            I'd recommend reading through the threatpulse documentation "About the Auth Connector Integration" where you'll find the explanation i mentioned above.

            Have a great day!

            Br
            Matt

            Comment

            Working...
            X