Advanced Session Assurance enables you to prevent session replay attacks by adding an additional layer of security to your sessions. When a session is established, Access Manager creates a unique fingerprint of the device from which the session is established. During the session, at a configurable time interval, Access Manager validates the session to ensure that the fingerprint matches with that the device it originated from.
By default, in a fresh installation, Advanced Session Assurance is enabled for all clusters.
However, in an upgraded setup, it is disabled by default. You must upgrade all nodes in the cluster to version 4.3 before enabling Advance Session Assurance. You should enable Advanced Session Assurance on the need basis. See Best Practices for Enabling Advanced Session Assurance at the Proxy Service Resource Level
in the NetIQ Access Manager 4.3 Administration Guide.
For more information about Advanced Session Assurance and how to enable it, see Setting Up Advanced Session Assurance
in the NetIQ Access Manager 4.3 Administration Guide.