Using the Anonymous Server

This topic describes integration with the anonymous server.

Anonymous Server Overview

This section describes support for using Ivanti Policy Secure with the anonymous server.

Understanding the Anonymous Server

The anonymous server is a local authentication server that allows any user to access the system without providing a username and password.

Instead, when a user enters the URL of a sign-in page that is configured to authenticate against an anonymous server, the Ivanti Policy Secure access management framework bypasses the standard sign-in page and immediately displays the welcome page to the user.

Anonymous Server Feature Support

Ivanti Policy Secure access management framework supports the following anonymous server features:

•Enables guest access without username or password

•Supports Host Checker scans before allowing a guest device to connect to the network

•Supports firewall enforcement roles and policies to limit the resources available to the guest user

Interoperability Requirements and Limitations

The following limitations apply to the anonymous server configuration and logging:

•You can add only one anonymous server configuration.

•You cannot create an administrator realm that uses the anonymous server. Anonymous administration is not allowed.

•During configuration, you must choose the anonymous server as both the authentication server and the directory or attribute server in the Users > User Realms > General tab.

•For security reasons, you might want to limit the number of users who sign in through an anonymous server at any given time. To do this, use the option on the Users > User Realms > [Realm] > Authentication Policy > Limits tab (where [Realm] is the realm that is configured to use the anonymous server to authenticate users).

Configuring Authentication with the Anonymous Server

To configure authentication with the anonymous server:

1.Select Authentication > Auth. Servers.

2.Select Anonymous Server and click New Server to display the configuration page.

3.Save the configuration.

Monitoring Anonymous User Sessions

The purpose of the anonymous server is to enable unauthenticated access. Therefore, the system does not maintain session tables, and the Anonymous Server configuration page does not have a corresponding Users tab. The system does maintain user access logs for anonymous access. The username is recorded in the user access log as “AnonUser1234”. If the user is logging in using the agentless access method, the user access log records the host’s IP address. You can view the User Access Log file by navigating to System > Log/Monitoring.