Effects of Enabling Watchguard Active Directory authentication

Posted on 2008-10-02
Medium Priority
Last Modified: 2013-11-16
I need to configure my firewall/server to grant access to certain websites based on the USER, and the only way I can see to do this is through WebBlocker policies on our WatchGuard firewall. From my research, I understand that to do it I first would have to set up active directory authentication  which is not currently enabled.  I need to know how enabling this would affect the users experience.

Will enabling this require them to authenticate  each time they open a browser window?

Thanks for your help.

Question by:bjwest
1 Comment
LVL 32

Accepted Solution

dpk_wal earned 200 total points
ID: 22631054
Active directory is not the only way; however it would be a preferred way for most of the administrators as it requires less configuration in terms of user addition and password maintenance.
Webblocker and restrictive website access are two different options. If you enable webblocker you can explicitly deny a website or category or permit the same or even create exceptions.

When you create multiple HTTP services (packet or proxies) for varied internet access, then depending on the access the polciies would be enforced. If you have a less restrictive policy allowing all internet access then all traffic would go out through that policy instead.

Enabling AD authentication on firebox and then configuring a policy which allows access post authentication; this would force them to first authenticate on a java based applet. In the latest versions they can have single-sign-on enabled; otherwise moment the java applet window is closed; they would need to authenticate again.

Please let know if you need more details.

Thank you.

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question