Cisco Cisco Web Security Appliance S370 Guia Do Utilizador

Select a Realm or Sequence – choose a defined authentication realm 
or sequence.

Select a Scheme – Choose an authentication scheme:

Kerberos – The client is transparently authenticated by means of 
Kerberos tickets.

Basic – The client always prompts users for credentials. After the 
user enters credentials, browsers typically offer a check box to 
remember the provided credentials. Each time the user opens the 
browser, the client either prompts for credentials or resends the 
previously saved credentials.

Credentials are sent unsecured as clear text (Base64). A packet 
capture between the client and Web Security appliance can reveal 
the user name and password.

NTLMSSP – The client transparently authenticates using its 
Windows login credentials. The user is not prompted for 
credentials.

However, the client prompts the user for credentials under the 
following circumstances:

The Windows credentials failed.

The client does not trust the Web Security appliance because of 
browser security settings.

Credentials are sent securely using a three-way handshake (digest 
style authentication). The password is never sent across the 
connection.

Support Guest privileges – Check this box to grant guest access to 
users who fail authentication due to invalid credentials.

Select a Realm or Sequence – Choose a defined authentication 
realm or sequence.