SpanVA is a virtual appliance that collects firewall and proxy logs from network devices and proxies and sends them to CloudSOC CASB for use with the Audit application to evaluate shadow IT exposure.

CloudSOC CASB customers use on-prem SpanVAs to address some of the following use-cases:

• Directory Sync from on-prem Active Directory to CloudSOC
• Upload (tokenized) on-prem Firewall/Proxy Logs to CloudSOC for ShadowIT Analytics
• Sync IP-User mapping files for username resolution

Previously authentication to the SpanVA console could only be done with a single Administrator account and password. This created management complications as companies looked to enable multiple Administrators to configure SpanVA. This was especially true in cases when several SpanVA instances were operational and customers needed to deploy multiple instances of SpanVA in different networks or locations.

What’s New and Changed

With the most recent SpanVA release, System Admins are now able to login via their Broadcom IdP to all SpanVA instances that they’re entitled to. This enhancement eliminates the need to share the same credentials with multiple SpanVA administrators and allows authentication into CloudSOC, SpanVA and other portals via a single identity.

Symantec Portals have switched to Broadcom’s Identity Provider, allowing Federated/Non-Federated users to access the portals via this channel. SpanVA leverages the same mechanics for authentication.This ensures that a single identity backed by Broadcom IdP can seamlessly SSO into the various portals.

Configuring External IDP for Federated Users is also an option that can be leveraged when SysAdmins prefer to bring their own IdP to log into Portals via a single identity.

How to deploy SpanVA from CloudSOC CASB

CloudSOC is Broadcom’s CASB (Cloud Access Security Broker) offering and is compliant with Broadcom IdP. The SpanVA instance is downloaded from CloudSOC and deployed into virtualization hypervisors or in your Virtual Private Cloud.

Configuring SpanVAs to leverage Broadcom IdP would require:

• Selecting the desired SpanVA in CloudSOC and enabling Broadcom Login
• Adding authorized users that can login to SpanVA

When enabled, SpanVA Admins can login to the SpanVA using their Broadcom IdP credentials.

The need for IdP based authentication has been a highly requested feature by SpanVA Administrators. Implementing this functionality by leveraging Broadcom IdP enables possibilities for exciting enhancements in the future.

For more information, see the SpanVA installation notes. To ensure you are currently running a fully supported version of Symantec CloudSOC SpanVA see end of service dates.