If you do not use a third-party authentication server, you can use your Firebox as an authentication server. This is known as Firebox authentication. When you configure Firebox authentication, you create user accounts for each user in your company, and then divide these users into groups for authentication. When you assign users to groups, make sure to associate them by their tasks and the information they use. For example, you can have an accounting group, a marketing group, and a research and development group. You can also have a new employee group with more controlled access to the Internet.
When you create a group, you set the authentication procedure for the users, the system type, and the information they can access. A user can be a network or one computer. If your company changes, you can add or remove user accounts from your groups.
The Firebox authentication server is enabled by default. You do not have to enable it before you add users and groups.
Add Users and Groups
After you add user accounts and groups, the users you added can connect to the Authentication Portal from a web browser on a computer or smart phone, and authenticate over port 4100 to get access to your network. For more information about how to use Firebox authentication, see Firewall Authentication.
Configure Account Lockout Settings
You can enable Account Lockout to prevent brute force attempts to guess user account passwords. When Account Lockout is enabled, the Firebox temporarily locks a user account after a specified number of consecutive, unsuccessful login attempts, and permanently locks a user account after a specified number of temporary account lockouts.
For detailed steps to configure Account Lockout settings, see Configure Firebox Account Lockout Settings.