Network Access Control

 View Only

  • 1.  Can Symantec Network Access Control (SNAC) accept a SAML Authentication Assertion

    Posted Oct 27, 2009 12:01 PM
    Greetings:

    Would like to utilize a 3rd party bilateral authetnication solution to identity user before they enter certain network segments.  If the segments are protected with SNAC, can SNAC be configured to utilize a SAML assertion for authentiction??

    The workflow would be:

    1.  User tries to obtain access to network segment  (Wifi, etc)
    2. SNAC blocks user
    3.  SNAC forces user to do Browser based authentication
    4.  USer is redirected to 3rd party appliance URL
    5.  Authentication is conducted
    6.  3rd party product sends a SAML assertion to SNAC
    7.  SNAC accepts user, allows access to network segment

    Is this doable w/ SNAC?


  • 2.  RE: Can Symantec Network Access Control (SNAC) accept a SAML Authentication Assertion

    Posted Oct 27, 2009 05:55 PM
    I do not think this is possible with SNAC. I have searched through all the SNAC documentation, and have not found any mention of SAML Authentication. Can anyone else confirm this?

    Best,
    Thomas


  • 3.  RE: Can Symantec Network Access Control (SNAC) accept a SAML Authentication Assertion

    Posted Oct 27, 2009 09:45 PM
     yes, SNAC don't support SAML currently.

    Gsecurity,

    would you like to share your configuration if you think you can?
    Could you describe what SAML appliance you use? what's the configuration?

    Thanks
    Figo