Posted: 2 Min ReadProduct Insights

Introducing Authentication via Broadcom Identity Provider for SpanVA

Symantec CloudSOC SpanVA

SpanVA is a virtual appliance that collects firewall and proxy logs from network devices and proxies and sends them to CloudSOC CASB for use with the Audit application to evaluate shadow IT exposure.

CloudSOC CASB customers use on-prem SpanVAs to address some of the following use-cases:

  • Directory Sync from on-prem Active Directory to CloudSOC
  • Upload (tokenized) on-prem Firewall/Proxy Logs to CloudSOC for ShadowIT Analytics
  • Sync IP-User mapping files for username resolution

Previously authentication to the SpanVA console could only be done with a single Administrator account and password. This created management complications as companies looked to enable multiple Administrators to configure SpanVA. This was especially true in cases when several SpanVA instances were operational and customers needed to deploy multiple instances of SpanVA in different networks or locations.

What’s New and Changed

With the most recent SpanVA release, System Admins are now able to login via their Broadcom IdP to all SpanVA instances that they’re entitled to. This enhancement eliminates the need to share the same credentials with multiple SpanVA administrators and allows authentication into CloudSOC, SpanVA and other portals via a single identity.

Symantec Portals have switched to Broadcom’s Identity Provider, allowing Federated/Non-Federated users to access the portals via this channel. SpanVA leverages the same mechanics for authentication.This ensures that a single identity backed by Broadcom IdP can seamlessly SSO into the various portals.

Configuring External IDP for Federated Users is also an option that can be leveraged when SysAdmins prefer to bring their own IdP to log into Portals via a single identity.

How to deploy SpanVA from CloudSOC CASB

CloudSOC is Broadcom’s CASB (Cloud Access Security Broker) offering and is compliant with Broadcom IdP. The SpanVA instance is downloaded from CloudSOC and deployed into virtualization hypervisors or in your Virtual Private Cloud.

Configuring SpanVAs to leverage Broadcom IdP would require:

  • Selecting the desired SpanVA in CloudSOC and enabling Broadcom Login
  • Adding authorized users that can login to SpanVA

When enabled, SpanVA Admins can login to the SpanVA using their Broadcom IdP credentials.

The need for IdP based authentication has been a highly requested feature by SpanVA Administrators. Implementing this functionality by leveraging Broadcom IdP enables possibilities for exciting enhancements in the future.

For more information, see the SpanVA release notes for SpanVA 1.15.3.150.0. To ensure you are currently running a fully supported version of Symantec CloudSOC SpanVA see end of service dates.

Symantec Enterprise Blogs
You might also enjoy
4 Min Read

Shine a Light on the Metrics That Matter With Symantec CloudSOC

Creating customized dashboards and five reports to get you started

Symantec Enterprise Blogs
You might also enjoy
3 Min Read

Symantec Data Loss Prevention Cloud: How To Achieve Comprehensive Cloud Security

5 Questions Security Practitioners Should Be Asking

About the Author

Shivdev Kalambi

Principal Product Manager, Symantec CloudSOC

Shivdev leads product management for Symantec CloudSOC Audit & Infrastructure.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.