So do you mean when using manual mapping policy, when user authenticated to IC then IC will push auth. table entry even user is not access the protected resource?
and when using dynamic auth. table allocation/provisioning, when user authenticated to IC then IC will not push auth. table entry to enforcer, unless user accessing the protected resource and then IC will push auth. table entry to enforcer.
am i correct ?
what about the total number of auth. table entry in enforcer like SSG20, how many can support? do you have a list for every SSG series?
Yup, you got it right.
You should be able to get information about the no. of Auth table entries supported on each enforcer platforms by contacting your Juniper Partner or Sales team.
Thanks for your confirmation.
actually my company are juniper partner
I have already searching in many techincal documentation and juniper knowledge base but still not find that informaton about no. of auth table in SSG series.
Thanks again for your information.