Advanced Session Assurance enables you to prevent session replay attacks by adding an additional layer of security to your sessions. When a session is established, Access Manager Appliancecreates a unique fingerprint of the device from which the session is established. During the session, at a configurable time interval, Access Manager Appliance validates the session to ensure that the fingerprint matches with that the device it originated from.
By default, in a fresh installation, Advanced Session Assurance is enabled for all clusters.
However, in an upgraded setup, it is disabled by default. You must upgrade all nodes in the cluster to version 4.3 before enabling Advance Session Assurance. You should enable Advanced Session Assurance on the need basis. See Best Practices for Enabling Advanced Session Assurance at the Proxy Service Resource Level
in the NetIQ Access Manager Appliance 4.3 Administration Guide.
For more information about Advanced Session Assurance and how to enable it, see Setting Up Advanced Session Assurance
in the NetIQ Access Manager Appliance 4.3 Administration Guide.