The Terminal Services (TS) Agent Identity Source
The TS Agent is a passive authentication method and one of the authoritative identity sources supported by the system. A Windows Terminal Server performs the authentication, and the TS Agent reports it to a standalone or high availability FMC.
When installed on Windows Terminal Servers, the TS Agent assigns a unique port range to individual users as they log in or log out of a monitored network. The FMC uses the unique port to identify individual users in the system. You can use one TS Agent to monitor user activity on one Windows Terminal Server and send encrypted data to a FMC.
The TS Agent does not report failed login attempts. The data gained from the TS Agent can be used for user awareness and user control.