Identity services - BlueCat Edge - Service Point v4.x.x


The BlueCat Edge Identity service allows you to collect User Principal Name (UPN) information by parsing directory event logs stored in an Azure Event Hub. Once the Identity service has been granted credentials and given details for the appropriate Azure Event Hub where the logs are stored, it collects a map of UPN to IP address information.

You can embed this information in EDNS in DNS queries forwarded to Cisco Umbrella for processing. This enables Cisco Umbrella to enforce user or group policies on queries and is intended to be a replacement for Cisco Virtual Appliances (VA).

Attention: Identity services can only be deployed to Service Point v4 instances running version 4.6.0 or greater.

To configure identity services

  1. In the top navigation bar, click and select Identity services.
  2. To add a new identity service, click New.
  3. Enter the name of the identity service.
  4. Under Hub name, enter the Azure Event Hub name. Ensure that this value is correctly copied and pasted from Azure.
    Attention: The Azure Event Hub entered must have a message retention period set so that events expire within 24 hours. If events are retained for longer than 24 hours, the identity service can consume old events and operate on incorrect, stale data while it catches up to newer events.
  5. Under Consumer group, enter the Azure Event Hub consumer group. Ensure that this value is correctly copied and pasted from Azure.
    Note: Only a single consumer can use a consumer group at one time. For example, if you configure two identity services with the same consumer group, only one identity service instance receives events. If the primary identity service instance that received the events goes down, the second identity service instance will start receiving events.
  6. Under Partition ID, enter the Azure Event Hub partition ID. Ensure that this value is correctly copied and pasted from Azure. The default value is 0.
  7. Under Connection string, enter the Azure Event Hub connection string. Ensure that this value is correctly copied and pasted from Azure.
  8. Select the name of a Service Point v4 that will pull the identity service. After you have saved your selection, the service points appear below the Service point field.
  9. Under Service version, select the version of identity service that you would like to deploy. For more information on the changes introduced in identity service versions, refer to Identity service version change log.
  10. Click Deploy.
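
A pre-flight check for the values entered in steps 4 to 7, as an added example that is not BlueCat code or part of the product. The function names are hypothetical, the sample values are constructed, and it assumes the key-based connection string form (`Endpoint=...;SharedAccessKeyName=...;SharedAccessKey=...;EntityPath=...`).

```python
import re

# Default namespace-wide policy that grants Manage, Send and Listen.
ROOT_POLICY = "RootManageSharedAccessKey"

def parse_connection_string(raw):
    """Split 'Key=Value;Key=Value' into a dict; values may contain '='."""
    parts = {}
    for item in raw.strip().strip(";").split(";"):
        key, sep, value = item.partition("=")
        if not sep or not key.strip():
            raise ValueError("malformed segment: %r" % item)
        parts[key.strip()] = value.strip()
    return parts

def check_identity_service(hub_name, consumer_group, partition_id, conn_str,
                           groups_in_use=()):
    """Return a list of problems found in the values for the form fields."""
    problems = []
    for label, value in (("Hub name", hub_name), ("Consumer group", consumer_group),
                         ("Connection string", conn_str)):
        if value != value.strip() or any(q in value for q in "\"'"):
            problems.append(label + ": stray whitespace or quotes from copy/paste")
    if not re.fullmatch(r"\d+", str(partition_id).strip()):
        problems.append("Partition ID: must be a non-negative integer")
    if consumer_group.strip() in groups_in_use:
        problems.append("Consumer group: already used; only one instance receives events")
    try:
        parts = parse_connection_string(conn_str)
    except ValueError as exc:
        return problems + ["Connection string: %s" % exc]
    if not re.fullmatch(r"sb://[A-Za-z0-9-]+\.[A-Za-z0-9.-]+/?", parts.get("Endpoint", "")):
        problems.append("Connection string: Endpoint is missing or not an sb:// URI")
    for key in ("SharedAccessKeyName", "SharedAccessKey"):
        if not parts.get(key):
            problems.append("Connection string: %s is missing" % key)
    if parts.get("SharedAccessKeyName") == ROOT_POLICY:
        problems.append("Connection string: uses the namespace root policy; "
                        "a Listen-only policy is enough to read events")
    entity = parts.get("EntityPath")
    if entity is not None and entity != hub_name.strip():
        problems.append("Connection string: EntityPath %r does not match hub name" % entity)
    return problems

# Constructed sample values for illustration, not real credentials.
GOOD = ("Endpoint=sb://example-ns.servicebus.windows.net/;"
        "SharedAccessKeyName=edge-listen;SharedAccessKey=AAAAexampleKEY=;"
        "EntityPath=directory-logs")
BAD = GOOD.replace("edge-listen", ROOT_POLICY).replace("directory-logs", "other-hub") + " "
```

An empty list means the four fields are internally consistent; it does not confirm that the hub exists or that its retention period meets the 24-hour requirement.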