Solved

Effects of Enabling Watchguard Active Directory authentication

Posted on 2008-10-02
1
744 Views
Last Modified: 2013-11-16
I need to configure my firewall/server to grant access to certain websites based on the USER, and the only way I can see to do this is through WebBlocker policies on our WatchGuard firewall. From my research, I understand that to do it I first would have to set up active directory authentication  which is not currently enabled.  I need to know how enabling this would affect the users experience.

Will enabling this require them to authenticate  each time they open a browser window?

Thanks for your help.

0
Comment
Question by:bjwest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 50 total points
ID: 22631054
Active directory is not the only way; however it would be a preferred way for most of the administrators as it requires less configuration in terms of user addition and password maintenance.
Webblocker and restrictive website access are two different options. If you enable webblocker you can explicitly deny a website or category or permit the same or even create exceptions.

When you create multiple HTTP services (packet or proxies) for varied internet access, then depending on the access the polciies would be enforced. If you have a less restrictive policy allowing all internet access then all traffic would go out through that policy instead.

Enabling AD authentication on firebox and then configuring a policy which allows access post authentication; this would force them to first authenticate on a java based applet. In the latest versions they can have single-sign-on enabled; otherwise moment the java applet window is closed; they would need to authenticate again.

Please let know if you need more details.

Thank you.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question