6.4 Basic Traffic Rule Types
Alternatively you can define the rule to allow only authenticated users to access specific services. Any user that has a user account in WinRoute will be allowed to access the Internet after authenticating to the firewall. Firewall administrators can easily monitor which services and which pages are opened by each user (it is not possible to connect anonymously).
Figure 6.29 Only authenticated users are allowed to connect to the Internet
For detailed description on user authentication, refer to chapter 8.1.
Notes:
1.The rules mentioned above can be combined in various ways (i.e. a user group can be allowed to access certain Internet services only).
2.Usage of user accounts and groups in traffic policy follows specific rules. For de- tailed description on this topic, refer to chapter 23.5.
Exclusions
You may need to allow access to the Internet only for a certain user/address group, whereas all other users should not be allowed to access this service.
This will be better understood through the following example (how to allow a user group to use the Telnet service for access to servers in the Internet). Use the two following rules to meet these requirements:
•First rule will deny selected users (or a group of users/IP addresses, etc.) to access the Internet.
•Second rule will deny the other users to access this service.