Cisco Cisco Web Security Appliance S660 Guida Utente

If authentication fails for accepted reasons, such as incompatible client applications, you can grant 
guest access. 

If authentication succeeds but authorization fails, it is possible to allow re-authentication using a 
different set of credentials that may be authorized to access the requested resource.

Enable credential encryption to transmit credentials over HTTPS in encrypted form. This increases 
security of the basic authentication process. 

The Web Security appliance uses its own certificate and private key by default to create an HTTPS 
connection with the client for the purposes of secure authentication. Most browsers will warn users, 
however, that this certificate is not valid. To prevent users from seeing the invalid certificate message, 
you can upload a valid certificate and key pair that your organization uses.

Configure the appliance to use IP surrogates.

(Optional) Obtain a certificate and unencrypted private key. The certificate and key configured here 
are also used by Access Control.

Choose Network > Authentication.

Click Edit Global Settings.

Check the Use Encrypted HTTPS Connection For Authentication check box in the Credential 
Encryption field.

NTLMSSP

MyDomain\jsmith

Basic

jsmith

MyDomain\jsmith

If the user does not enter the Windows domain, the Web Proxy 
prepends the default Windows domain.