What is user authentication?
What is user authentication?
User authentication allows the tracking of connections based on name rather than IP address. With authentication, it no longer matters what IP address is used or from which machine a person chooses to work; the username defines the permissions of the user, and follows the user from workstation to workstation.
To gain access to Internet services (such as outgoing HTTP or outgoing FTP), the user provides authenticating data in the form of a username and password. For the duration of the authentication, the session name is tied to connections originating from the IP address from which the individual authenticated.
For more information about authentication, see the Network Security Handbook.
User authentication types
The WatchGuard Firebox System supports five authentication methods identified by the server type used:
•Firebox
•Windows NT
•RADIUS
•CRYPTOCard
•SecurID
A client performs the same sequence of tasks to authenticate against any of the five types of authentication. For the administrator, the Firebox method requires the administrator to add usernames, passwords, and groups using Policy Manager, while the other four methods require storing the data on the server performing authentication.
While more than one type of authentication scheme can be implemented, only one type of authentication can be applied to a single user session.
How user authentication works
A
A Java applet loads a prompt for a username and password that it then passes to the authentication server using a
As long as the Java window remains active (it can be minimized but not closed) and the Firebox doesn’t reboot, users remain authenticated until the session times out. To prevent an account from authenticating, disable the account on the authentication server.
VPN Manager Guide | 87 |
