On the following picture an administrator configures Identity Awareness:
After clicking -Next- the above configuration is supported by:
A. Kerberos SSO which will be working for Active Directory integration
B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user
C. Obligatory usage of Captive Portal
D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication
Explanation: To enable Identity Awareness:
- Log in to R80 SmartConsole.
- From the Gateways & Servers view, double-click the Security Gateway on which to enable Identity Awareness.
- On the Network Security tab, select Identity Awareness.
The Identity Awareness Configuration wizard opens.
- Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
- AD Query – Lets the Security Gateway seamlessly identify Active Directory users and computers.
- Browser-Based Authentication – Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
- Terminal Servers – Identify users in a Terminal Server environment (originating from one IP address).