Solved

Effects of Enabling Watchguard Active Directory authentication

Posted on 2008-10-02
1
736 Views
Last Modified: 2013-11-16
I need to configure my firewall/server to grant access to certain websites based on the USER, and the only way I can see to do this is through WebBlocker policies on our WatchGuard firewall. From my research, I understand that to do it I first would have to set up active directory authentication  which is not currently enabled.  I need to know how enabling this would affect the users experience.

Will enabling this require them to authenticate  each time they open a browser window?

Thanks for your help.

0
Comment
Question by:bjwest
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 50 total points
ID: 22631054
Active directory is not the only way; however it would be a preferred way for most of the administrators as it requires less configuration in terms of user addition and password maintenance.
Webblocker and restrictive website access are two different options. If you enable webblocker you can explicitly deny a website or category or permit the same or even create exceptions.

When you create multiple HTTP services (packet or proxies) for varied internet access, then depending on the access the polciies would be enforced. If you have a less restrictive policy allowing all internet access then all traffic would go out through that policy instead.

Enabling AD authentication on firebox and then configuring a policy which allows access post authentication; this would force them to first authenticate on a java based applet. In the latest versions they can have single-sign-on enabled; otherwise moment the java applet window is closed; they would need to authenticate again.

Please let know if you need more details.

Thank you.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now