Solved

Effects of Enabling Watchguard Active Directory authentication

Posted on 2008-10-02
1
742 Views
Last Modified: 2013-11-16
I need to configure my firewall/server to grant access to certain websites based on the USER, and the only way I can see to do this is through WebBlocker policies on our WatchGuard firewall. From my research, I understand that to do it I first would have to set up active directory authentication  which is not currently enabled.  I need to know how enabling this would affect the users experience.

Will enabling this require them to authenticate  each time they open a browser window?

Thanks for your help.

0
Comment
Question by:bjwest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 50 total points
ID: 22631054
Active directory is not the only way; however it would be a preferred way for most of the administrators as it requires less configuration in terms of user addition and password maintenance.
Webblocker and restrictive website access are two different options. If you enable webblocker you can explicitly deny a website or category or permit the same or even create exceptions.

When you create multiple HTTP services (packet or proxies) for varied internet access, then depending on the access the polciies would be enforced. If you have a less restrictive policy allowing all internet access then all traffic would go out through that policy instead.

Enabling AD authentication on firebox and then configuring a policy which allows access post authentication; this would force them to first authenticate on a java based applet. In the latest versions they can have single-sign-on enabled; otherwise moment the java applet window is closed; they would need to authenticate again.

Please let know if you need more details.

Thank you.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WatchGuard T50 - Internet Priority Based on VLAN or User 1 85
slow vpn connection 9 92
Swapping port on a  Cisco 5510 firewall 1 68
NAT on Fortigate 2 39
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question