badabing1
asked on
Single Sign on (SSO) watchGuard M400
Hi,
I'm in the process of setting up SSO for users so we can control our internet access. We only want domain users to access internet and none domain users such (visitors) need to be blocked.
I have read a couple of articles but am still a little unsure which method to use, so here I am asking experts for guidance. I would also appreciate if someone can write step-by-step setup guide or an article that I can follow with some screen prints?
Please also point out any "gotcha"
This article says that "Event Log Monitor” has to be installed on all domain controllers, but later its talks about pushing out SSO client to machines which is also used for authentication, so am a bit confused if this is needed or not? Please clarify
http://www.skype4badmin.com/watchguard-sso-part-1/
and then this video also talks about "Exchange Monitor" for authentication.. do I need all of these options or will one suffice?
https://www.youtube.com/watch?v=qw8e85hXVcg
much appreciated!
Thanks
I'm in the process of setting up SSO for users so we can control our internet access. We only want domain users to access internet and none domain users such (visitors) need to be blocked.
I have read a couple of articles but am still a little unsure which method to use, so here I am asking experts for guidance. I would also appreciate if someone can write step-by-step setup guide or an article that I can follow with some screen prints?
Please also point out any "gotcha"
This article says that "Event Log Monitor” has to be installed on all domain controllers, but later its talks about pushing out SSO client to machines which is also used for authentication, so am a bit confused if this is needed or not? Please clarify
http://www.skype4badmin.com/watchguard-sso-part-1/
and then this video also talks about "Exchange Monitor" for authentication.. do I need all of these options or will one suffice?
https://www.youtube.com/watch?v=qw8e85hXVcg
much appreciated!
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok I got the SSO configured,
I now need to configure a policy to block internet traffic for users who are not member of "domain users". Please can someone advise steps and also taking into account that I do not block servers such as exchange for emails?
we have quite a few policies on watchguard so where would I put/order this new policy?
also is there anything I need to be aware of for mobile device users etc.?
Thanks
I now need to configure a policy to block internet traffic for users who are not member of "domain users". Please can someone advise steps and also taking into account that I do not block servers such as exchange for emails?
we have quite a few policies on watchguard so where would I put/order this new policy?
also is there anything I need to be aware of for mobile device users etc.?
Thanks
ASKER
any updates?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Info provided.
ASKER
we do have around 400 machines. Just out of internet there are no additional licencing requirement for this to work?