|Advanced UI Tasks|
|Run Guided Setup|
|Flow Detail Records|
|Date and Time|
|Traffic Tree Mgmt.|
|Graphs & Reports|
|Blue Coat Sky Tasks|
PacketShaper uses the Blue Coat Authentication and Authorization Agent (BCAAA) to resolve IP addresses to user names so that it can classify and report on network users and groups. You must install BCAAA version 6.1 on a Windows Domain Controller (DC) or other member server (running version Windows 2008 or 2012). When deciding where to install BCAAA, keep in mind that it must be able to contact every DC that contains user login sessions for the users you are authenticating. Therefore, you should try to keep BCAAA on the same subnet as the DC whenever possible to avoid excess WAN bandwidth usage.
Planning for your BCAAA Installation
It’s important to size your BCAAA installation appropriately when preparing to use the user awareness feature. To ensure that BCAAA can service all the queries from PacketShaper, Blue Coat recommends the following BCAAA-to-PacketShaper ratios:
Disregarding these recommendations could overload the BCAAA server, resulting in BCAAA being unable to respond to PacketShaper IP-user queries. See Configuration Limits for per-model specifications.
Caution: To prevent any impact on ProxySG authentication functionality, PacketShaper should not share a BCAAA server with a ProxySG.
Download and Install BCAAA
The user who installs BCAAA needs admin rights on the BCAAA server. Installation can be performed by a local admin – that is, an account that exists only on the BCAAA server, and not in Active Directory. The install could also be performed by an Active Directory admin.
1. Log in to the Windows server where you plan to install BCAAA.
2. In a web browser, log in to BTO (https://bto.bluecoat.com).
3. Go to the PacketShaper download page (https://bto.bluecoat.com/download/PacketShaper) and locate the version of PacketWise you are using.
4. Click the WindowsBCAAA link. Follow the screen prompts to download the package.
5. Unzip the BCAAA setup package and double-click the .exe file to launch the BCAAA Setup wizard.
6. To begin the setup, click Next.
7. Destination Folder: Specify the location for the BCAAA software. You can accept the default location (C:\Program Files\Blue Coat Systems\BCAAA) or browse to a different location. Make sure that your anti-virus software is not configured to scan the directory in which you install BCAAA. Click Next to continue.
8. Port Number: Specify the port number that BCAAA and the PacketShaper will use to communicate. By default, both BCAAA and the PacketShaper use port 16101. If you choose a port other than the default, you must set the same value on the PacketShaper. In addition, make sure that this port is not blocked by a firewall between the BCAAA server and the PacketShaper or by the Windows firewall on the server where you are installing BCAAA. Click Next to continue.
9. Firewall Configuration: Enable the Open port option to have the BCAAA Setup wizard open the BCAAA-PacketShaper communication port (16101 by default) on the Windows server firewall. If you don't enable this option, you will need to manually configure this setting yourself.
10. SSL Requirements: When prompted whether you want to use SSL between the PacketShaper and BCAAA, select Forbidden, and then click Next.
11. Windows SSO Configuration: When asked whether this installation will be supporting a ProxySG with a Windows SSO realm or a PacketShaper, select Yes. Click Next to continue.
12. Service Account Configuration: Enter the user name and password that the BCAAA service will log on as. The account must be a member of the domain. Click Next to continue.
13. Click Install. When installation completes, the final BCAAA screen displays.
PacketGuide™ for PacketWise® 9.2