Support User Manuals

SonicWALL TZ 190 Humidifier User Manual

Open as PDF

of 843

User Management

606

SonicOS Enhanced 4.0 Administrator Guide

Users that are identified but lack the group memberships required by the configured policy rules

are redirected to the Access Barred page.

Benefits

SonicWALL SSO is a reliable and time-saving feature that utilizes a single login to provide

access to multiple network resources based on administrator-configured group memberships

and policy matching. SonicWALL SSO is transparent to end users and requires minimal

administrator configuration.

By automatically determining when users have logged in or out based on workstation IP

address traffic, SonicWALL SSO is secure and hands-free. SSO authentication is designed to

operate with any external agent that can return the identity of a user at a specific IP address

using a SonicWALL ADConnector-compatible protocol.

SonicWALL SSO works for any service on the SonicWALL security appliances that uses user-

level authentication, including Content Filtering Service (CFS), Firewall Access Rules, group

membership and inheritance, and security services (IPS, GAV, SPY and Application Firewall)

inclusion/exclusion lists.

Other benefits of SonicWALL SSO include:

• Ease of use — Users only need to sign in once to gain automatic access to multiple

resources.

• Improved user experience — Windows domain credentials can be used to authenticate a

user for any traffic type without logging in using a Web browser.

• Transparency to users — Users are not required to re-enter user name and password for

authentication.

• Secure communication — Shared key encryption for data transmission protection.

• SonicWALL SSO Agent can be installed on any workstation on the LAN.

• Login mechanism works with any protocol, not just HTTP.

Platforms

SSO is available on SonicWALL security appliances running SonicOS 4.0 Enhanced.

Supported Standards

The SonicOS Enhanced 4.0 SSO feature supports LDAP and local database protocols.

To use SonicWALL SSO, it is required that the SonicWALL SSO Agent be installed on the

workstations within your Windows domain that can reach clients directly using a static IP or

through a VPN path. The following requirements must be met in order to run the SSO Agent:

• Port 2258 must be open; the firewall uses UDP port 2258 by default to communicate with

SonicWALL SSO Agent

• Windows 32 or XP, with latest service pack

• .NET Framework 2.0

previous next