User's Manual
Table Of Contents
- ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
- Contents
- About This Manual
- Chapter 1 Introduction
- Chapter 2 Using the Setup Wizard to Provision the STM in Your Network
- Choosing a Deployment Scenario
- Understanding the Steps for Initial Connection
- Logging In to the STM
- Using the Setup Wizard to Perform the Initial Configuration
- Setup Wizard Step 1 of 10: Introduction
- Setup Wizard Step 2 of 11: Networking Settings
- Setup Wizard Step 3 of 11: Time Zone
- Setup Wizard Step 4 of 11: Email Security
- Setup Wizard Step 5 of 11: Web Security
- Setup Wizard Step 6 of 11: Email Notification Server Settings
- Setup Wizard Step 7 of 11: Update Settings
- Setup Wizard Step 8 of 11: HTTP Proxy Settings
- Setup Wizard Step 9 of 11: Web Categories
- Setup Wizard Step 10 of 11: Configuration Summary
- Setup Wizard Step 11 of 11: Restarting the System
- Verifying Proper Installation
- Registering the STM with NETGEAR
- What to Do Next
- Chapter 3 Performing Network and System Management
- Configuring Network Settings
- Configuring Session Limits and Timeouts
- Configuring the HTTP Proxy Settings
- About Users with Administrative and Guest Privileges
- Configuring Remote Management Access
- Using an SNMP Manager
- Managing the Configuration File
- Updating the Software
- Configuring Date and Time Service
- Managing Digital Certificates
- Managing the Quarantine Settings
- Performance Management
- Chapter 4 Content Filtering and Optimizing Scans
- About Content Filtering and Scans
- Configuring E-mail Protection
- Configuring Web and Services Protection
- Configuring Application Control
- Setting Scanning Exclusions and Web Access Exceptions
- Chapter 5 Managing Users, Groups, and Authentication
- About Users, Groups, and Domains
- Configuring Groups
- Configuring User Accounts
- Configuring Authentication
- Global User Settings
- Viewing and Logging Out Active Users
- Chapter 6 Monitoring System Access and Performance
- Chapter 7 Troubleshooting and Using Online Support
- Appendix A Default Settings and Technical Specifications
- Appendix B Related Documents
- Index
ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
Managing Users, Groups, and Authentication 5-11
v1.0, September 2009
b. Log in again.
c. On the Authentication screen (see Figure 5-8 on page 5-10), click the logout link.
In addition to authentication through the STM’s local user database, the STM supports the
following external authentication methods for users logging in through the User Portal Login
screen:
• LDAP. A network-validated domain-based authentication method that functions with a
Lightweight Directory Access Protocol (LDAP) authentication server. LDAP is a standard
for querying and updating a directory. Because LDAP supports a multilevel hierarchy (for
example, groups or organizational units), this information can be queried to provide
specific group policies or bookmarks based on LDAP attributes.
• Active Directory. A network-validated domain-based authentication method that
functions with a Microsoft Active Directory authentication server. Microsoft Active
Directory authentication servers support a group and user structure. Because the Active
Directory supports a multilevel hierarchy (for example, groups or organizational units),
this information can be queried to provide specific group policies or bookmarks based on
Active Directory attributes. A Microsoft Active Directory database uses an LDAP
organization schema.
• RADIUS. A network-validated PAP or CHAP password-based authentication method that
functions with Remote Authentication Dial In User Service (RADIUS).
The user must know how to return to the User Portal Login screen. The
administrator must provide the User Portal Login URL:
https://<IP_address>/~common/cgi-bin/user_login.pl
or
https://<FullyQualifiedDomainName>/~common/cgi-bin/user_login.pl
Alternately, the administrator can provide the NETGEAR Configuration
Manager Login screen, from where the user can access the User Portal Login
screen:
https://<IP_address>
or
https://<FullyQualifiedDomainName>
Warning: Ensure that users understand that they must log out after completing a
session in order to prevent subsequent users from inheriting access
privileges that were not assigned to them.