Aliases are shortcuts used to identify groups of hosts, networks, or users. The use of aliases simplifies service configuration.
User authentication allows the tracking of connections based on name rather than IP address. With authentication, it does not matter which IP address is used or from which machine a person chooses to work. To gain access to Internet services (such as outgoing HTTP or outgoing FTP), the user provides authenticating data in the form of a username and password. For the duration of the authentication, the session name is tied to connections originating from the IP address from which the individual authenticated. This makes it possible to track not only the machines from which connections are originating, but the user as well.
Note: Because usernames are bound to IP addresses, user authentication is not recommended for use in an environment with shared multiuser machines (such as Unix, Citrix, or NT terminal servers), because only one user per shared server can be authenticated at any one time.
The Firebox allows you to define permissions and groups
using user names rather than IP addresses. This system allows for situations
where users may use more than one computer or IP address. Tracking activities
by user rather than IP is especially useful on networks using DHCP where
a user workstation may have several different IP addresses over the course
of a week. Authentication by user is also useful in education environments,
such as classrooms and college computer centers where many different people
might use the same IP address over the course of the day. For more information
on authentication, see the following collection of FAQs:
https://support.watchguard.com/advancedfaqs/auth_main.asp
Related topics:
Defining Firebox Users and Groups for Authentication
Copyright
© 1996 - 2003 WatchGuard Technologies, Inc. All rights reserved.
Legal Notice/Terms of Use