Which two Identity Awareness daemons are used to support identity sharing?

The two Identity Awareness daemons that support identity sharing are the Policy Decision Point (PDP) and the Policy Enforcement Point (PEP).

The PDP is responsible for making access control decisions based on the identity information it receives. It evaluates the applicable policies and determines whether to allow or deny requests based on the identities involved. By sharing identity information across platforms and enabling consistent policy enforcement, the PDP plays a crucial role in managing security within an organization.

The PEP, on the other hand, is the component that actually enforces the decisions made by the PDP. It acts as the gatekeeper, allowing or blocking traffic based on the policies dictated by the PDP. This direct enforcement based on identity information is essential for ensuring that security measures are applied consistently and effectively across the network.

The combination of these two daemons ensures that both the decision-making and enforcement aspects of identity management are addressed, which is vital for effective identity sharing in a security architecture. Each component complements the other, thus enhancing the overall security framework that relies on identity awareness.