Sso Overview - ZyXEL Communications ZyWall 110 User Manual
Security firewalls
Hide thumbs
Also See for ZyWall 110:
- User manual (1090 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
The following table gives an overview of the objects you can configure.
Table 144 Configuration > Web Authentication > Add Authentication Policy
LABEL
Create new
Object
Enable Policy
Description
User
Authentication
Policy
Source Address
Destination
Address
Schedule
Authentication
Single Sign-on
Force User
Authentication
OK
Cancel
19.3 SSO Overview
The SSO (Single Sign-On) function integrates Domain Controller and ZyWALL/USG authentication
mechanisms, so that users just need to log in once (single login) to get access to permitted
resources.
In the following figure, U user logs into a Domain Controller (DC) which passes the user's login
credentials to the SSO agent. The SSO agent checks that these credentials are correct with the AD
server, and if the AD server confirms so, the SSO then notifies the ZyWALL/USG to allow access for
the user to the permitted resource (Internet access, for example).
Chapter 19 Web Authentication
DESCRIPTION
Use to configure any new settings objects that you need to use in this screen. Select
Address or Schedule.
Select this check box to activate the authentication policy. This field is available for user-
configured policies.
Enter a descriptive name of up to 60 printable ASCII characters for the policy. Spaces are
allowed. This field is available for user-configured policies.
Use this section of the screen to determine which traffic requires (or does not require) the
senders to be authenticated in order to be routed.
Select a source address or address group for whom this policy applies. Select any if the
policy is effective for every source. This is any and not configurable for the default policy.
Select a destination address or address group for whom this policy applies. Select any if
the policy is effective for every destination. This is any and not configurable for the default
policy.
Select a schedule that defines when the policy applies. Otherwise, select none and the rule
is always effective. This is none and not configurable for the default policy.
Select the authentication requirement for users when their traffic matches this policy.
unnecessary - Users do not need to be authenticated.
required - Users need to be authenticated. If Force User Authentication is selected, all
HTTP traffic from unauthenticated users is redirected to a default or user-defined login
page. Otherwise, they must manually go to the login screen. The ZyWALL/USG will not
redirect them to the login screen.
This field is available for user-configured policies that require Single Sign-On (SSO). Select
this to have the ZyWALL/USG enable the SSO feature. You can set up this feature in the
SSO screen.
This field is available for user-configured policies that require authentication. Select this to
have the ZyWALL/USG automatically display the login screen when users who have not
logged in yet try to send HTTP traffic.
Click OK to save your changes back to the ZyWALL/USG.
Click Cancel to exit this screen without saving.
ZyWALL/USG Series User's Guide
340
- Quick Links:
- Web Configurator
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
