What You Need To Know; Authentication Policy Screen - ZyXEL Communications ZyWall USG 2000 User Manual

Chapter 23 Authentication Policy

23.1.2 What You Need to Know

Authentication Policy and VPN
Authentication policies are applied based on a traffic flow's source and destination
IP addresses. If VPN traffic matches an authentication policy's source and
destination IP addresses, the user must pass authentication.
Multiple Endpoint Security Objects
You can set an authentication policy to use multiple endpoint security objects. This
allows checking of computers with different OSs or security settings. When a client
attempts to log in, the ZyWALL checks the client's computer against the endpoint
security objects one-by-one. The client's computer must match one of the
authentication policy's endpoint security objects in order to gain access.
Forced User Authentication
Instead of making users for which user-aware policies have been configured go to
the ZyWALL Login screen manually, you can configure the ZyWALL to display the
Login screen automatically whenever it routes HTTP traffic for anyone who has
not logged in yet.
Note: This works with HTTP traffic only. The ZyWALL does display the Login screen
when users attempt to send other kinds of traffic.
The ZyWALL does not automatically route the request that prompted the login,
however, so users have to make this request again.
Finding Out More
See Section 7.8 on page 146
authentication policies.

23.2 Authentication Policy Screen

The Authentication Policy screen displays the authentication policies you have
configured on the ZyWALL.
422
for an example of how to use endpoint security and
ZyWALL USG 2000 User's Guide