3.15 Using the Device ID in the URN Cookie

(Access Manager 5.0 Service Pack 1 and later)

In an Access Manager environment with multiple Identity Servers and Access Gateways, a cluster cookie (UrnNovellNidpClusterMemberId) is automatically set for the serving node of the cluster. When a request reaches Identity Server or an Embedded Service Provider (ESP), all nodes of the cluster use this cookie to perform proxying, if necessary.

For higher security, it is recommended that you enable the USE DEVICE ID IN URN COOKIE property in Identity Server and Access Gateway. When this property is enabled, the cookie value is hashed instead of obfuscated.

For information about how to enable this property, see Managing a Cluster of Identity Servers > Configuring Identity Server Global Options and Managing Reverse Proxies and Authentication > Configuring ESP Global Options in the NetIQ Access Manager Appliance 5.0 Administration Guide.