Cisco Cisco Web Security Appliance S170 사용자 가이드
20-15
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Chapter 20 Authentication
Working with Authentication Sequences
Deleting Authentication Realms
When you delete a realm, the Web Security appliance automatically deletes that realm from any
sequence that used it. Also, any Identity policy group that depends on the deleted realm becomes
disabled.
sequence that used it. Also, any Identity policy group that depends on the deleted realm becomes
disabled.
Step 1
On the Network > Authentication page, click the trash can icon for the realm name.
Step 2
Confirm that you want to delete the realm by clicking Delete.
Step 3
Commit your changes.
Working with Authentication Sequences
When you create more than one realm, you can group the realms into an authentication sequence. An
authentication sequence is a group of authentication realms listed in the order the Web Security
appliance uses for authenticating clients.
authentication sequence is a group of authentication realms listed in the order the Web Security
appliance uses for authenticating clients.
You can perform any of the following tasks when configuring authentication sequences:
•
Create multiple authentication sequences.
•
Include one or more realms in an authentication sequence.
•
Include realms of different protocols in a single authentication sequence.
•
Assign a realm or a sequence to an Identity group.
You create authentication sequences on the Network > Authentication page under the Realm Sequences
section. the Realm Sequences section only appears when you create two or more realms.
section. the Realm Sequences section only appears when you create two or more realms.
After you create the second realm, the appliance automatically displays the Realm Sequences section
and includes a default authentication sequence named All Realms. The All Realms sequence
automatically includes each realm you define. You can change the order of the realms within the All
Realms sequence, but you cannot delete any of its realms. You cannot delete the All Realms sequence.
and includes a default authentication sequence named All Realms. The All Realms sequence
automatically includes each realm you define. You can change the order of the realms within the All
Realms sequence, but you cannot delete any of its realms. You cannot delete the All Realms sequence.
Note
When multiple NTLM authentication realms are defined, AsyncOS only uses NTLMSSP with one
NTLM authentication realm in any sequence. You can choose which NTLM authentication realm to use
for NTLMSSP for all sequences, including the All Realms sequence. To use NTLMSSP with multiple
NTLM realms, define a separate Identity for each realm.
NTLM authentication realm in any sequence. You can choose which NTLM authentication realm to use
for NTLMSSP for all sequences, including the All Realms sequence. To use NTLMSSP with multiple
NTLM realms, define a separate Identity for each realm.
Creating Authentication Sequences
You can create an authentication sequence when multiple authentication realms are defined.
Step 1
On the Network > Authentication page, click Add Sequence.
Step 2
Enter a name for the sequence in the Name for Realm Sequence field.