12
User and Group Management
The Firebox® X Edge e-Series includes tools you can use to manage your network and your users. You
can create user accounts and manage access to the Internet or to your VPN tunnels with user authenti-
cation. Or, you can allow free access to the Internet and VPN tunnels to all users. In this chapter, you
learn to do these tasks:
Configure local Firebox X Edge authentication
•
Configure the Edge to use LDAP or Active Directory authentication
•
Examine current users and properties
•
Allow internal hosts to bypass user authentication
•
About User Licenses
Your Firebox® X Edge firewall is enabled with a set number of user licenses (also called nodes). The total
number of available sessions is determined by the Edge model you have, and any upgrade licenses you
apply. The number of licenses limits the number of sessions. To control the number of users at any
time, close one or more sessions. When you close a session, you make that user license available for
another user. Sessions can be closed in several ways:
If you require users to authenticate, the Firebox User can manually log out and return his or her
•
license.
The Edge Administrator can close the session manually. He or she can close the session for a
•
individual user or close all sessions.
If you require users to authenticate, you can assign a maximum timeout and an idle timeout for
•
each user.
The Edge Administrator can set a global session maximum timeout.
•
You must reboot the Edge to close all sessions.
•
License upgrades are available from your reseller or from the WatchGuard® web site:
http://www.watchguard.com/products/purchaseoptions.asp
User Guide
155