Juniper Networks Secure Access Administration Guide

Defining an authentication realm
Figure 9: Authentication > Auth. Servers > Test Server > Users
Chapter 1: Initial Verification and Key Concepts
An authentication realm is a grouping of authentication resources, including:
� An authentication server, which verifies a user’s identity. The IVE forwards
credentials submitted on a sign-in page to an authentication server.
� An authentication policy, which specifies realm security requirements that
need to be met before the IVE submits credentials to an authentication server
for verification.
� A directory server, which is an LDAP server that provides user and group
attribute information to the IVE for use in role mapping rules and resource
policies (optional).
� Role mapping rules, which are conditions a user must meet in order for the IVE
to map a user to one or more roles. These conditions are based on information
returned by the realm's directory server, the person’s username, or certificate
attributes.
Creating a test scenario to learn IVE concepts and best practices � 13