8e6 Technologies Enterprise Filter Authentication R3000 User Manual

Other manuals for Enterprise Filter Authentication R3000: Quick Start Manual, User Manual, Quick Start Manual, Quick Start Manual, Quick Start Manual, User Manual, Quick Start Manual, User Manual, User Manual, User Manual, User Manual, User Manual

Manual is about: Enterprise Filter

Page of 277

Download

Print this page

Bookmark us

R3000

| Enterprise Filter

8e6

USER

GUIDE

Model: R3000

Release 1.10.

20 / Version No.: 1.01

for Authentication

1 2 3 4 5 6 7 Next › »

Summary of Enterprise Filter Authentication R3000

Page 2
Ii 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide.
Page 3: R3000 E
8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide iii r3000 e nterprise f ilter a uthentication u ser g uide © 2006 8e6 technologies all rights reserved. 828 w. Taft ave., orange, ca 92865, usa version 1.01, published december 2006 to be used with r3000 user guide version ...
Page 4
Iv 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide.
Page 5: Ontents
8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide v c ontents c hapter 1: i ntroduction ..........................................1 about this user guide ................................................................ 1 how to use this user guide ............................
Page 6
C ontents vi 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide r3000 authentication tiers ............................................................. 23 tier 1: single sign-on authentication ............................................. 25 net use based authentication pr...
Page 7: 2: N
C ontents 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide vii authentication solution compatibility .............................................. 53 configuring the r3000 for authentication ....................................... 54 configuration procedures ...............
Page 8: 3: Nt A
C ontents viii 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide enable, disable features.................................................... 91 authentication form customization .......................................... 93 preview sample authentication request form ........
Page 9: 5: A
C ontents 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide ix user objects ........................................................................... 130 address info ........................................................................... 131 account info ..............
Page 10: 6: T
C ontents x 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 7: disable filter options ................................................... 170 step 8: attempt to access web content . ................................ 171 test net use based authentication settings .......
Page 11
C ontents 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide xi user/group file format and rules ........................................ 209 username formats ....................................................................... 209 rule criteria ............................
Page 12
C ontents xii 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide if pop-up blocking is enabled .................................................. 237 add override account to the white list ..................................... 237 google toolbar pop-up blocker ................
Page 13: Hapter
C hapter 1: i ntroduction a bout this u ser g uide 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 1 c hapter 1: i ntroduction the r3000 authentication user guide contains information about setting up authentication on the network. About this user guide this user guide a...
Page 14: How to Use This User Guide
C hapter 1: i ntroduction h ow to u se this u ser g uide 2 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide blocker software installed; a glossary on authentication terms, and an index. How to use this user guide conventions the following icons are used throughout this us...
Page 15: Terminology
C hapter 1: i ntroduction h ow to u se this u ser g uide 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 3 terminology the following terms are used throughout this user guide. Sample images (not to scale) are included for each item. • alert box - a message box that opens...
Page 16
C hapter 1: i ntroduction h ow to u se this u ser g uide 4 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • dialog box - a box that opens in response to a command made in a window or screen, and requires your input. You must choose an option by clicking a button (such a...
Page 17
C hapter 1: i ntroduction h ow to u se this u ser g uide 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 5 • pop-up box or pop-up window - a box or window that opens after you click a button in a dialog box, window, or screen. This box or window may display infor- mation...
Page 18
C hapter 1: i ntroduction h ow to u se this u ser g uide 6 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • sub-topic - a subset of a main topic that displays as a menu item for the topic. The menu of subtopics opens when a pertinent topic link in the left panel—the con...
Page 19
C hapter 1: i ntroduction h ow to u se this u ser g uide 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 7 • tree - a tree displays in the control panel of a screen, and is comprised of a hierarchical list of items. An entity associated with a branch of the tree is prece...
Page 20: Filtering Elements
C hapter 1: i ntroduction f iltering e lements 8 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide filtering elements filtering operations include the following elements: groups, filtering profiles and their components, and rules for filtering. Group types in the group sec...
Page 21: Ip Groups
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 9 ip groups the ip group type is represented in the tree by the ip icon . A master ip group is comprised of sub-group members and/or individual ip members . The global administ...
Page 22: Nt Domain Groups
C hapter 1: i ntroduction f iltering e lements 10 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide nt domain groups an nt domain on a network server is comprised of windows nt groups and their associated members (users), derived from profiles on the network’s domain contr...
Page 23: Ldap Domain Groups
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 11 ldap domain groups an ldap (lightweight directory access protocol) domain on a network server is comprised of ldap groups and their associated members (users), derived from ...
Page 24: Filtering Profile Types
C hapter 1: i ntroduction f iltering e lements 12 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide filtering profile types a filtering profile is used by all users who are set up to be filtered on the network. This profile consists of rules that dictate whether a user has...
Page 25: Static Filtering Profiles
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 13 other filtering profiles • override account profile - set up in either the global group section or the master group section of the console. Note: an override account set up ...
Page 26: Active Filtering Profiles
C hapter 1: i ntroduction f iltering e lements 14 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide active filtering profiles active filtering profiles include the global group profile, nt/ ldap authentication profile, override account profile, time profile, and lock profi...
Page 27: Override Account Profile
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 15 override account profile if any user needs access to a specified url that is set up to be blocked, the global administrator or group administrator can create an override acc...
Page 28: Filtering Profile Components
C hapter 1: i ntroduction f iltering e lements 16 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide filtering profile components filtering profiles are comprised of the following compo- nents: • library categories - used when creating a rule, minimum filtering level, or fi...
Page 29: Library Categories
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 17 library categories a library category contains a list of web site addresses and keywords for search engines and urls that have been set up to be blocked or white listed. Lib...
Page 30: Service Ports
C hapter 1: i ntroduction f iltering e lements 18 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide service ports service ports are used when setting up filter segments on the network (the range of ip addresses/netmasks to be detected by the r3000), the global (default) fi...
Page 31: Filter Settings
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 19 note: if the minimum filtering level is not set up, global (default) filtering settings will apply instead. Filter settings categories and service ports use the following se...
Page 32: Filtering Rules
C hapter 1: i ntroduction f iltering e lements 20 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide filtering rules individual user profiles - a user in an nt or ldap domain can have only one individual profile set up per domain. Filtering levels applied: 1. The global (de...
Page 33
C hapter 1: i ntroduction f iltering e lements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 21 6. For nt/ldap users, if a user is authenticated, settings for the user’s group or individual profile from the nt/ ldap domain are applied and take precedence over any ip pr...
Page 34
C hapter 1: i ntroduction f iltering e lements 22 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 1-4 sample filtering hierarchy diagram.
Page 35: Authentication Operations
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 23 authentication operations r3000 authentication protocols the r3000 supports two types of authentication protocols: windows nt lan manager (ntlm), and lightweight dire...
Page 36
C hapter 1: i ntroduction a uthentication o perations 24 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide tory server, the novell edirectory agent can be used instead to authenticate end users. Note: see 8e6 authenticator and novell edirectory agent for information on set...
Page 37
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 25 tier 1: single sign-on authentication net use based authentication process the following diagram and steps describe the operations of the net use based user authentic...
Page 38: Re-Authentication Process
C hapter 1: i ntroduction a uthentication o perations 26 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 4. Upon creating the ipc share, the software in the r3000 queries the network authentication server with the user's login name and password sent by the workstation. 5...
Page 39: Authentication Methods
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 27 authentication methods tier 1 supports two server authentication methods: server message block (smb) and ldap. Smb protocol smb is a client/server protocol that requi...
Page 40: Ldap Protocol
C hapter 1: i ntroduction a uthentication o perations 28 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide note: for information on smb signing compatibility with the r3000, refer to the chart in appendix d: disable smb signing requirements. Ldap protocol ldap is a directo...
Page 41: Name Resolution Methods
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 29 name resolution methods the name resolution process occurs when the r3000 attempts to resolve the ip address of the authentication server with the machine name of tha...
Page 42: Server Setup Types
C hapter 1: i ntroduction a uthentication o perations 30 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide authentication setup procedures server setup types r3000 authentication is designed to support the following server types for the specified tier(s): tier 1: net use b...
Page 43
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 31 configuring the authentication server when configuring authentication, you must first go to the authentication server and make all necessary entries before configurin...
Page 44: Login Scripts
C hapter 1: i ntroduction a uthentication o perations 32 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide login scripts login (or logon) scripts are used by the r3000 server for reauthenticating users on the network. The following syntax must be entered in the appropriate...
Page 45
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 33 view login script on the server console the login script can be viewed on the authentication server console. This script resides in a different location on the server...
Page 46
C hapter 1: i ntroduction a uthentication o perations 34 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide block page authentication login scripts in addition to the use of login scripts in the console of the authentication server, a login script path must be entered in th...
Page 47: Ldap Server Setup Rules
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 35 ldap server setup rules warning: the instructions in this user guide have been docu- mented based on standard default settings in ldap for microsoft active directory ...
Page 48
C hapter 1: i ntroduction a uthentication o perations 36 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide tier 2: time-based, web authentication the following diagram and steps describe the operations of the time-based authentication process: fig. 1-6 web-based authentica...
Page 49
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 37 tier 2 implementation in an environment in an environment where tier 2 time-based profiles have been implemented, end users receive filtering profiles after correctly...
Page 50: Tier 2 Script
C hapter 1: i ntroduction a uthentication o perations 38 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide tier 2 script if using tier 2 only, this script should be inserted into the network’s login script. If the network also uses a logoff script, 8e6’s script should be i...
Page 51: Tier 1 and Tier 2 Script
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 39 tier 1 and tier 2 script in an environment in which both tier 1 and tier 2 are used, this version of 8e6’s script should be inserted into the network’s login script. ...
Page 52
C hapter 1: i ntroduction a uthentication o perations 40 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide :try1 net use \\10.10.10.10\r3000$ if errorlevel 1 goto :try2 if errorlevel 0 echo code 0: success goto :end :try2 net use \\10.10.10.10\r3000$ if errorlevel 1 goto :...
Page 53
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 41 tier 3: session-based, web authentication the diagram on the previous page (fig. 1-6) and steps below describe the operations of the session-based authen- tication pr...
Page 54: 8E6 Authenticator
C hapter 1: i ntroduction a uthentication o perations 42 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 8e6 authenticator the 8e6 authenticator ensures the end user is authenti- cated on his/her workstation, via an executable file that launches during the login process....
Page 55: Workstation Requirements
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 43 recommended system requirements the following server components are recommended for optimal performance when using netware edirectory server 6.5: • server-class pc wi...
Page 56
C hapter 1: i ntroduction a uthentication o perations 44 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide work flow in a windows environment 1. The administrator stores the 8e6 authenticator client (authenticat.Exe) in a network-shared location that a login script can acc...
Page 57
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 45 8e6 authenticator configuration priority the source and order in which parameters are received and override one another are described below. Note: any parameter set a...
Page 58: Sample Configuration File
C hapter 1: i ntroduction a uthentication o perations 46 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 8e6 authenticator configuration syntax all configuration parameters, regardless of their source, will use the following format/syntax: waa[b]w{c}w {parameter ‘aa’ wit...
Page 59: Table Of Parameters
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 47 you only need to change the options you do not wish to remain as default. Often the ip address of the r3000 (ra) and the log file (lf) are the most desired options to...
Page 60
C hapter 1: i ntroduction a uthentication o perations 48 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide + if ut[0] is set, then the novell environment will be ignored, if present, and only the windows environment information will be retrieved and sent to the r3000. If u...
Page 61
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 49 rp[] affects port-less addresses specified in the rv[] command as well. • for ra[], each ip address is separated by a semi-colon ‘;’ and the first ip address will be ...
Page 62: Novell Edirectory Agent
C hapter 1: i ntroduction a uthentication o perations 50 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide novell edirectory agent novell edirectory agent provides single sign-on (sso) authentication for an r3000 set up in a novell edirectory environment. Using novell edir...
Page 63: Client Workstations
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 51 client workstations to use this option, all end users must log in the network. The following os have been tested: • windows 2000 professional • windows xp • macintosh...
Page 64: R3000 Setup and Event Logs
C hapter 1: i ntroduction a uthentication o perations 52 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide r3000 setup and event logs when using a novell edirectory server and choosing to use the novell edirectory agent option in the r3000: • enable novell edirectory agent...
Page 65
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 53 authentication solution compatibility below is a chart representing the authentication solution compatibility for a single user: key: • n/a = not applicable • n/r = n...
Page 66: Configuration Procedures
C hapter 1: i ntroduction a uthentication o perations 54 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide configuring the r3000 for authentication configuration procedures when configuring the r3000 server for authentication, settings must be made in system and group wind...
Page 67
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 55 the entries made in this window will vary depending on whether you are using the invisible mode, or the router or firewall mode. The lan 1 and lan 2 ip addresses shou...
Page 68
C hapter 1: i ntroduction a uthentication o perations 56 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide in the settings frame, enter general configuration settings for the r3000 server such as ip address entries. In the nic device to use for authentication field: • if u...
Page 69: Group Section
C hapter 1: i ntroduction a uthentication o perations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 57 group section in the group section of the administrator console, choose nt or ldap, and then do the following: 1. Add a domain from the network to the list of domains...
Page 70: Hapter
C hapter 2: n etwork s etup e nvironment r equirements 58 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide c hapter 2: n etwork s etup environment requirements workstation requirements administrator minimum system requirements for the administrator include the following: ...
Page 71: Network Requirements
C hapter 2: n etwork s etup e nvironment r equirements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 59 network requirements • high speed connection from the r3000 server to the client workstations • ftp or https connection to 8e6’s patch server • internet connectivity...
Page 72: Specify The Operation Mode
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 60 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide set up the network for authentication the first settings for authentication must be made in the system section of the console in the following windows:...
Page 73
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 61 the entries made in this window will vary depending on whether you will be using the invisible mode, or the router or firewall mode. 1. In the mode fra...
Page 74
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 62 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide specify the subnet mask, ip address(es) click network and select lan settings from the pop-up menu to display the lan settings window: fig. 2-2 lan set...
Page 75: Invisible Mode
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 63 invisible mode for the lan1 ip (eth0) address, select 255.255.255.255for the subnet mask, and click apply. Router or firewall mode 1. Enter the followi...
Page 76
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 64 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide enable authentication, specify criteria 1. Click authentication and select enable/disable authenti- cation from the pop-up menu to display the enable/ ...
Page 77
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 65 4. In the 8e6 authenticator frame, be sure the 8e6 authen- ticator is “on”—unless the novell edirectory agent option will be used instead. When enablin...
Page 78: Net Use Based Authentication
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 66 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide net use based authentication tier 1: web-based authentication disabled (net use enabled) – choose this option if you will be using net use based authen...
Page 79: Web-Based Authentication
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 67 web-based authentication choose either tier 2 or tier 3 if web-based authentication will be used. Note: if selecting either tier 2 or tier 3, please be...
Page 80
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 68 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide tier 3: use persistent logins via a java applet – choose this option if using nt and/or ldap authentication, and you want the user to maintain a persis...
Page 81
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 69 fig. 2-5 tier 3 dialog box 3. To ensure that end-users are using the most current version of jre, choose the method for distributing the current versio...
Page 82
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 70 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide enter network settings for authentication 1. Click authentication and select authentication settings from the pop-up menu to display the authentication...
Page 83
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 71 3. In the virtual ip address to use for authentication field,1.2.3.5 displays by default. If using tier 1 or tier 3, enter the ip address that from now...
Page 84: Create An Ssl Certificate
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 72 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide create an ssl certificate authentication ssl certificate should be used if web-based authentication will be deployed on the r3000 server. Using this fe...
Page 85
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 73 create, download a self-signed certificate 1. On the self signed certificate tab, click create self signed certificate to generate the ssl certificate....
Page 86
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 74 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide once the certificate is saved to your workstation, it can be distributed to client workstations for users who need to be authenticated. Tip: click dele...
Page 87
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 75 2. Click create csr to open the create csr pop-up window: fig. 2-10 create csr pop-up window the common name (host name) field should automat- ically b...
Page 88
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 76 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide upload a third party certificate 1. Click upload certificate to open the upload signed ssl certificate for r3000 pop-up window: fig. 2-11 upload signed...
Page 89
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 77 download a third party certificate 1. In the authentication ssl certificate window, click download/view csr to open a pop-up window containing the cont...
Page 90: View Log Results
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 78 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide view log results use the view log file window if you need to troubleshoot any problems with the authentication setup process. 1. Click diagnostics and ...
Page 91
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 79 • “wbwatch log (wbwatch.Log)” - used for viewing messages on attempts to join the domain via the authentication settings window. • “authentication log ...
Page 92
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 80 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 4. Click view to display results in the result pop-up window: fig. 2-14 view log file result pop-up window 5. Click the “x” in the upper right corner o...
Page 93: Specify Block Page Settings
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 81 specify block page settings click control and select block page authentication from the pop-up menu to display the block page authentication window: fi...
Page 94: Block Page Authentication
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 82 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide block page authentication 1. In the re-authentication options field of the details frame, all block page options are selected by default, except for we...
Page 95: Block Page
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 83 block page when a user attempts to access internet content set up to be blocked, the block page displays on the user’s screen: fig. 2-16 block page not...
Page 96: User/machine Frame
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 84 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide user/machine frame by default, the following data displays in the user/machine frame: • user/machine field - the username displays for the nt/ ldap use...
Page 97: Optional Links
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 85 optional links by default, these links are included in the block page under the following conditions: • for further options, click here. - this phrase ...
Page 98: Options Page
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 86 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide options page the options page displays when the user clicks the following link in the block page: for further options, click here. Fig. 2-17 options pa...
Page 99: Option 1
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 87 option 1 option 1 is included in the options page if “web-based authentication” was selected at the re-authentication options field in the block page a...
Page 100: Option 2
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 88 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide option 2 the following phrase/link displays, based on options selected at the re-authentication options field in the block page authentication window: ...
Page 101: Option 3
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 89 option 3 option 3 is included in the options page, if “override account” was selected at the re-authentication options field in the block page authenti...
Page 102: Common Customization
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 90 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide common customization common customization lets you specify elements to be included in block pages and/or the authentication request form end users will...
Page 103: Enable, Disable Features
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 91 enable, disable features 1. Click “on” or “off” to enable or disable the following elements in the html pages, and make entries in fields to display cu...
Page 104
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 92 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • help link url - by default, http://www.8e6.Com/tech- support/deniedresponse.Html displays as the help link url. Enter the url to be used when the end...
Page 105
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 93 authentication form customization to customize the authentication request form, click customization and select authentication form from the pop-up menu...
Page 106
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 94 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 1. Make an entry in any of the following fields: • in the header field, enter a static header to be displayed at the top of the authentication request ...
Page 107
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 95 preview sample authentication request form 1. Click preview to launch a separate browser window containing a sample authentication request form, based ...
Page 108
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 96 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide by default, the following standard links are included in the authentication request form: • help - clicking this link takes the user to 8e6’s tech- nic...
Page 109: Block Page Customization
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 97 block page customization to customize the block page, click customization and select block page from the pop-up menu: fig. 2-23 block page customizatio...
Page 110
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 98 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 1. Make an entry in any of the following fields: • in the header field, enter a static header to be displayed at the top of the block page. • in the de...
Page 111: Preview Sample Block Page
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 99 preview sample block page 1. Click preview to launch a separate browser window containing a sample customized block page, based on entries saved in thi...
Page 112
C hapter 2: n etwork s etup s et up the n etwork for a uthentication 100 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide by default, the following standard links are included in the block page: • help - clicking this link takes the user to 8e6’s tech- nical support page ...
Page 113: Hapter
C hapter 3: nt a uthentication s etup j oin the nt d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 101 c hapter 3: nt a uthentication s etup note: if you are running a windows 2000 or windows 2003 server and are using the ntlm authentication protocol, then you ne...
Page 114
C hapter 3: nt a uthentication s etup j oin the nt d omain 102 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide information should only be entered in the nt authentication server details frame if the r3000 will use the nt authenti- cation method to authenticate users. Not...
Page 115: Create An Nt Domain
C hapter 3: nt a uthentication s etup c reate an nt d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 103 create an nt domain after joining the domain, go to the group section of the console and add an nt domain that contains entities to be authenticated. Add an nt...
Page 116: Refresh The Nt Branch
C hapter 3: nt a uthentication s etup c reate an nt d omain 104 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 7. Click apply to add the domain to the tree. Refresh the nt branch click nt in the control panel to open the pop-up menu, and select refresh whenever changes ...
Page 117: Domain Settings
C hapter 3: nt a uthentication s etup c reate an nt d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 105 view or modify nt domain details domain settings 1. Double-click nt in the control panel to open the nt branch of the group tree. Select the nt domain you adde...
Page 118
C hapter 3: nt a uthentication s etup c reate an nt d omain 106 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 2. For the domain settings: • the domain name entered in the create domain controller dialog box displays greyed-out and cannot be modified. • the following fi...
Page 119: Default Rule
C hapter 3: nt a uthentication s etup c reate an nt d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 107 default rule 1. Click the default rule tab to display the default rule settings of the nt domain details window: fig. 3-4 nt domain details window, default rul...
Page 120: Delete An Nt Domain
C hapter 3: nt a uthentication s etup c reate an nt d omain 108 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • filter options that have been selected display check marks in corresponding checkboxes for “x strikes blocking”, “google/yahoo! Safe search enforcement”, “se...
Page 121
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 109 set up nt domain groups, members in the control panel, the nt domain branch of the tree menu includes options for setting up groups and/or memb...
Page 122
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 110 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide select the nt domain, and choose select group/member from domain from the pop-up menu to display the select groups/members from domain window (...
Page 123
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 111 warning: when adding an nt group or member to the tree list, the group/member will be blocked from internet access if the minimum filtering lev...
Page 124
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 112 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide notes: groups automatically populate the profile group(s) list box, if these groups have one or more identical users and were added to the tree...
Page 125
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 113 manually add a user’s name to the tree 1. Select the nt domain, and choose manually add member from the pop-up menu to open the manually add me...
Page 126
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 114 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide manually add a group’s name to the tree 1. Select the nt domain, and choose manually add group from the pop-up menu to open the manually add gr...
Page 127
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 115 upload a file of filtering profiles to the tree 1. Select the nt domain, and choose upload user/group profile from the pop-up menu to display t...
Page 128
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 116 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 3-10 upload member profile file window 3. Click browse to open the choose file window. 4. Select the file to be uploaded. Warning: any fil...
Page 129
C hapter 3: nt a uthentication s etup s et up nt d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 117 5. Click upload file to upload this file to the server. The upload successful pop-up window informs you to click reload in order for these chan...
Page 130
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 118 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide create and maintain nt profiles once an nt group or member has been added to the tree, a filtering profile can be created and maintained for that ...
Page 131
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 119 this window is used for viewing profile information about a group, and for adding members to a group. In the group details frame, the following de...
Page 132
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 120 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide add or maintain an entity’s profile select the nt domain, and choose profile from the pop-up menu to display the default category tab of the profi...
Page 133: Category Profile
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 121 category profile category profile is used for creating the categories portion of the filtering profile for the entity. Note: in order to use this ...
Page 134: Redirect Url
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 122 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide tip: multiple categories can be selected by clicking each cate- gory while pressing the ctrl key on your keyboard. Blocks of cate- gories can be s...
Page 135: Filter Options
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 123 redirect url is used for specifying the url to be used for redirecting users who attempt to access a site or service set up to be blocked. 1. Spec...
Page 136
C hapter 3: nt a uthentication s etup c reate and m aintain nt p rofiles 124 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide filter options is used for specifying which filter option(s) will be applied to the entity’s filtering profile. 1. Click the checkbox(es) correspo...
Page 137: Hapter
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 125 c hapter 4: ldap a uthentication s etup create an ldap domain in the group section of the console, add an ldap domain that contains entities to be authenti...
Page 138: Refresh The Ldap Branch
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 126 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide refresh the ldap branch click ldap in the control panel to open the pop-up menu, and select refresh whenever changes have been made in this branch of the t...
Page 139: Ldap Server Type
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 127 the ldap domain window is comprised of the following wizard tabs: type, group, user, address, account, ssl, alias list, and default rule. By going through ...
Page 140: Group Objects
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 128 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • click next to go to the group tab. Warning: the contents of the tabs for user and group do not normally need to be changed. The settings on these tabs ar...
Page 141
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 129 by default, the include list will be populated with appro- priate group objects, based on the server type. • generally, no action needs to be performed on ...
Page 142: User Objects
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 130 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide user objects the user tab is used for including or excluding user objects in the ldap domain. Fig. 4-4 domain details window, user tab by default, the incl...
Page 143: Address Info
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 131 • a user object name can be edited by selecting the user object from the appropriate list box, editing the name in the field, and then clicking the edit bu...
Page 144
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 132 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide note: if the dns settings are not published in the ldap direc- tory, the server dns name, dns domain name, and ldap query base fields will not be populated...
Page 145
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 133 • by default, the ldap query base displays the root of the ldap database to query using the ldap syntax, i.E. Dc=domain,dc=com. The entry in this field is ...
Page 146: Account Info
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 134 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide account info fig. 4-6 domain details window, account tab 1. If your ldap database does not require a username to be provided in order to bind to the ldap d...
Page 147: Ssl Settings
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 135 ssl settings ssl settings should be made if your network requires a secure connection from the r3000 to the ldap server. Fig. 4-7 domain details window, ss...
Page 148
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 136 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 4-8 upload ssl certificate for ldaps 3. Click browse to open the choose file window and select the r3000 server’s ssl certificate. 4. Click upload fil...
Page 149: Alias List
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 137 alias list the alias list will be automatically populated if the account name was entered in the account tab. This list includes all alias names for the do...
Page 150
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 138 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide after the search is completed, the search in progress box closes, and the list displays the alias name and the corre- sponding ldap container name. Note: i...
Page 151: Default Rule
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 139 default rule the default rule applies to any authenticated user in the ldap domain who does not have a filtering profile. Fig. 4-11 domain details window, ...
Page 152
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 140 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide if custom url is selected, enter the redirect url in the text box. • click the checkbox(es) corresponding to the option(s) to be applied to the filtering p...
Page 153: Configure A Backup Server
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 141 default rule for novell edirectory if “novell edirectory” was selected for the ldap server type, and the novell edirectory agent option was enabled in the ...
Page 154
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 142 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 4-13 backup server configuration, address info note: the back and save buttons can be clicked at any time during the wizard setup process. Click close...
Page 155
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 143 • netbios domain name - an entry in this field is optional • server ldaps port - by default, 636 displays in this field • server ldap port - by default, th...
Page 156
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 144 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide a. Enter the authorized user's full ldap distinguished name in the ldap account name field. For example: cn=administrator,cn=users,dc=qc2domain, dc=local b...
Page 157: Delete A Domain
C hapter 4: ldap a uthentication s etup c reate an ldap d omain 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 145 c. Click browse to open the choose file window and select the r3000 server’s ssl certificate. D. Click upload file to upload the ssl certificate to the r30...
Page 158
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 146 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide set up ldap domain groups, members in the control panel, the ldap domain branch of the tree menu includes options for setting up groups and...
Page 159: Perform A Basic Search
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 147 select the ldap domain, and choose select group/ member from domain from the pop-up menu to display the ldap user/group browser window (see...
Page 160
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 148 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • search within existing results – to search within the list of records returned by your initial query, change your search criteria, and th...
Page 161: Delete A Rule
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 149 delete a rule to delete a rule from a profile, the entity must currently display in the grid and have a rule assigned to the profile. 1. Cl...
Page 162
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 150 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide this window is used for designating which group profile will be assigned to a user when he/she logs in. If a user is a member of multiple g...
Page 163
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 151 tip: ldap usernames should be input exactly as entered as entered for the ldap distinguished name. Examples: cn=jane doe, cn=users, dc=qc, ...
Page 164
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 152 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide note: see add or maintain the entity’s profile under create and maintain ldap profiles for information on defining the filtering profile fo...
Page 165
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 153 fig. 4-21 upload member profile file window 3. Click browse to open the choose file window. 4. Select the file to be uploaded. Warning: any...
Page 166
C hapter 4: ldap a uthentication s etup s et up ldap d omain g roups , m embers 154 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 5. Click upload file to upload this file to the server. The upload successful pop-up window informs you to click reload in order for these ...
Page 167
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 155 create, maintain ldap profiles once an ldap group or member has been added to the tree, a filtering profile can be created and maintained for th...
Page 168
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 156 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide this window is used for viewing profile information about a group, and for adding members to a group. In the group details frame, the following ...
Page 169
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 157 add or maintain an entity’s profile select the ldap domain, and choose profile from the pop- up menu to display the default category tab of the ...
Page 170: Category Profile
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 158 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide category profile category profile is used for creating the categories portion of the filtering profile for the entity. Note: in order to use thi...
Page 171: Redirect Url
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 159 tip: multiple categories can be selected by clicking each cate- gory while pressing the ctrl key on your keyboard. Blocks of cate- gories can be...
Page 172: Filter Options
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 160 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide redirect url is used for specifying the url to be used for redirecting users who attempt to access a site or service set up to be blocked. 1. Sp...
Page 173
C hapter 4: ldap a uthentication s etup c reate , m aintain ldap p rofiles 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 161 filter options is used for specifying which filter option(s) will be applied to the entity’s filtering profile. 1. Click the checkbox(es) corres...
Page 174: Hapter
C hapter 5: a uthentication d eployment t est a uthentication s ettings 162 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide c hapter 5: a uthentication d eployment this final step of the authentication setup process includes testing authentication settings and activating...
Page 175
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 163 note: in order to complete the test process, you should be sure you have your own filtering profile set up. To verify that authentication is workin...
Page 176
C hapter 5: a uthentication d eployment t est a uthentication s ettings 164 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide test web-based authentication settings to verify that authentication is working properly, make the following settings in the group section of the c...
Page 177
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 165 step 2: create a sub-group, “workstation” 1. Select the ip group from the tree. 2. Click add sub group in the pop-up menu to open the create sub gr...
Page 178
C hapter 5: a uthentication d eployment t est a uthentication s ettings 166 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 3: set up “test” with a 32-bit net mask 1. Select the ip group named “test” from the tree. 2. Click members in the pop-up menu to display the ...
Page 179
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 167 step 4: give “workstation” a 32-bit net mask 1. Select the ip sub-group “workstation” from the tree. 2. Click members in the pop-up menu to display...
Page 180
C hapter 5: a uthentication d eployment t est a uthentication s ettings 168 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 5: block everything for the sub-group 1. Select the ip sub-group “workstation” from the tree. 2. Click sub group profile in the pop-up menu to...
Page 181: Redirect Url
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 169 5. Click apply. Step 6: use authentication request page for redirect url 1. Click the redirect url tab to display the redirect url page: fig. 5-7 s...
Page 182
C hapter 5: a uthentication d eployment t est a uthentication s ettings 170 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 7: disable filter options 1. Click the filter options tab to display the filter options page: fig. 5-8 sub group profile window, filter option...
Page 183
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 171 step 8: attempt to access web content note: for this step, you must have your own profile set up in order to complete the test process. 1. Launch i...
Page 184
C hapter 5: a uthentication d eployment t est a uthentication s ettings 172 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 5-10 authentication request form 4. Enter the following information: • username • password if the domain and alias fields display, select the ...
Page 185
C hapter 5: a uthentication d eployment t est a uthentication s ettings 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 173 test net use based authentication settings 1. From the test workstation, go to the net use command line and enter the net use command using the fol...
Page 186
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 174 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide activate authentication on the network after successfully testing authentication settings, you are now ready to activate authentication o...
Page 187: Ip Group
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 175 activate web-based authentication for an ip group ip group authentication is the preferred selection for web- based authentication—over t...
Page 188
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 176 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 2: set “webauth” to cover users in range 1. Select the ip group “webauth” from the tree. 2. Click members in the pop-up menu to disp...
Page 189
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 177 step 3: create an ip sub-group 1. Select the ip group “webauth” from the tree. 2. Click add sub group in the pop-up menu to open the crea...
Page 190
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 178 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. 5-14 sub group members window 7. Click the radio button corresponding to “member”. 8. In the member fields, enter the ip address ran...
Page 191
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 179 step 4: block everything for the sub-group 1. Select the ip sub-group from the tree. 2. Click sub group profile in the pop-up menu to dis...
Page 192: Redirect Url
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 180 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 5. Click apply. Step 5: use authentication request page for redirect url 1. Click the redirect url tab to display the redirect url page: ...
Page 193
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 181 sent to the authentication request form if he/she attempts to access content on the internet. After filling out this form and being authe...
Page 194: Traffic
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 182 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 7: set global group to filter unknown traffic 1. Click global group in the tree to open the pop-up menu. 2. Select global group prof...
Page 195
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 183 fig. 5-19 global group profile window, port tab a. In the port page, enter the port number to be blocked. B. Click add to include the por...
Page 196
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 184 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 4. Click the default redirect url tab to display the default redirect url page: fig. 5-20 global group profile window, default redirect u...
Page 197
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 185 5. Click the filter options tab to display the filter options page: fig. 5-21 global group profile window, filter options tab a. Select f...
Page 198
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 186 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide as a result of these entries, the standard block page will display—instead of the authentication request form— when any user in this sub-...
Page 199: Global Group
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 187 activate web-based authentication for the global group this selection of web-based authentication creates more of a load on the r3000 tha...
Page 200: Range to Detect
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 188 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 1a: block web access, logging via range to detect note: segments of network traffic should not be defined if using the firewall mode...
Page 201
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 189 fig. 5-24 range to detect settings window, main window 4. Click start the setup wizard to display step 1 of the range to detect setup wiz...
Page 202
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 190 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide range to detect setup wizard fig. 5-25 range to detect setup wizard, step 1 1. Enter the ip address and specify the netmask, or enter the...
Page 203
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 191 fig. 5-26 range to detect setup wizard, step 2 3. An entry for this step of the wizard is optional. If there are destination ip address(e...
Page 204
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 192 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide f ig. 5-27 range to detect setup wizard, step 3 5. An entry for this step of the wizard is optional. If there are source ip address(es) t...
Page 205
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 193 f ig. 5-28 range to detect setup wizard, step 4 7. An entry for this step of the wizard is optional. If there are destination ip address(...
Page 206
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 194 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide f ig. 5-29 range to detect setup wizard, step 5 9. An entry for this step of the wizard is optional. If there are ports to be excluded fr...
Page 207
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 195 f ig. 5-30 range to detect setup wizard, step 6 11. After review the contents in all list boxes, click finish to accept all your entries....
Page 208: Profile
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 196 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide step 1b: block web access via ip sub-group profile note: this step assumes that the ip group and sub-group have already been created. 1. ...
Page 209
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 197 5. Click the redirect url tab to display the redirect url page: fig. 5-32 sub group profile window, redirect url tab 6. Select “default b...
Page 210
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 198 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 7. Click the filter options tab to display the filter options page: fig. 5-33 sub group profile window, filter options tab 8. Select filt...
Page 211
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 199 step 2: modify the global group profile 1. Click global group in the tree to open the pop-up menu. 2. Select global group profile to disp...
Page 212
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 200 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 3. Click the port tab to display the port page: fig. 5-35 global group profile window, port tab a. Enter the port number to be blocked, a...
Page 213
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 201 4. Click the default redirect url tab to display the default redirect url page: fig. 5-36 global group profile window, redirect url tab a...
Page 214
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 202 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 5. Click the filter options tab to display the filter options page: fig. 5-37 global group profile window, filter options tab a. Select f...
Page 215: Activate Nt Authentication
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 203 activate nt authentication after testing the net use command, the next step is to add the net use command to users’ login scripts. We rec...
Page 216
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 204 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide if errorlevel 0 echo code 0: success goto :end :try3 echo running net use... Net use \\192.168.0.20\r3000$ if errorlevel 1 goto :error if...
Page 217
C hapter 5: a uthentication d eployment a ctivate a uthentication on the n etwork 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 205 1. Click global group in the tree to open the pop-up menu. 2. Select global group profile to display the category tab of the profile wind...
Page 218: Hapter
C hapter 6: t echnical s upport h ours 206 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide c hapter 6: t echnical s upport for technical support, visit 8e6 technologies’s technical support web page at http://www.8e6.Com/support/ index.Htm, or contact us by phone, by e-ma...
Page 219: 8E6 Taiwan
C hapter 6: t echnical s upport c ontact i nformation 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 207 office locations and phone numbers 8e6 corporate headquarters (usa) 828 west taft avenue orange, ca 92865-4232 usa local : 714.282.6111 fax : 714.282.6116 domestic u...
Page 220: Support Procedures
C hapter 6: t echnical s upport s upport p rocedures 208 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide support procedures when you contact our technical support department: • you will be greeted by a technical professional who will request the details of the problem an...
Page 221: Ppendix
A ppendix a u ser /g roup f ile f ormat and r ules 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 209 a ppendix a user/group file format and rules the file with user/group profiles you upload to the server must be set up in a specified format, with one complete user/gro...
Page 222: Rule Criteria
A ppendix a u ser /g roup f ile f ormat and r ules 210 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide rule criteria rule criteria consists of selections made from the following lists of codes that are used in profile strings: • port command codes: a = filter all ports b...
Page 223
A ppendix a u ser /g roup f ile f ormat and r ules 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 211 • category codes: for the list of category codes (short names) and their corresponding descriptions (long names), go to http:// www.8e6.Com/r3000help/files/ 2group_text...
Page 224
A ppendix a u ser /g roup f ile f ormat and r ules 212 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide file format: rules and examples when setting up the file to upload to the server, the following items must be considered: • each profile must be entered on a separate l...
Page 225
A ppendix a u ser /g roup f ile f ormat and r ules 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 213 nt user list format and rules when setting up the “ntuserprofile.Conf” file, each entry must consist of the username, and either a rule number or rule criteria (port, c...
Page 226
A ppendix a u ser /g roup f ile f ormat and r ules 214 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide nt group list format and rules when setting up the “ntgroupprofile.Conf” file, each entry must consist of the group name, and either a rule number or rule criteria (por...
Page 227
A ppendix a u ser /g roup f ile f ormat and r ules 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 215 ldap user list format and rules when setting up the “ldapuserprofile.Conf” file, each entry must consist of the distinguished name (dn), with each part of the dn separa...
Page 228
A ppendix a u ser /g roup f ile f ormat and r ules 216 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide • ldap profile for a user with username “public\, joe q.”, organizational units “users” and “sales”, domain “qc”, dns suffix “.Local”: block all ports, block automobile...
Page 229
A ppendix a u ser /g roup f ile f ormat and r ules 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 217 ldap group list format and rules when setting up the “ldapgroupprofile.Conf” file, each entry must consist of the distinguished name (dn), with each part of the dn sepa...
Page 230: Ppendix
A ppendix b p orts for a uthentication s ystem a ccess 218 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide a ppendix b ports for authentication system access the following ports should be used for authentication system access: type no. Function tcp 8081 used between the ...
Page 231: Ppendix
A ppendix c ldap s erver c ustomizations 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 219 a ppendix c ldap server customizations the r3000 has been tested on common types of standard ldap servers with default settings. However, due to the number of ldap servers availa...
Page 232: Ppendix
A ppendix d d isable smb s igning r equirements 220 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide a ppendix d disable smb signing requirements smb signing is a windows security feature that is not currently supported by the r3000. If you are running a windows 2000 or w...
Page 233: Windows 2003
A ppendix d d isable smb s igning r equirements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 221 disable smb signing requirements in windows 2003 by default, the smb protocol in windows 2003 is set to “not defined = on”. To disable (turn “off”) smb signing, do the fol...
Page 234
A ppendix d d isable smb s igning r equirements 222 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. D-2 select properties in the domain controllers pop-up menu 3. Select properties to open the domain controllers prop- erties dialog box: fig. D-3 domain controllers p...
Page 235
A ppendix d d isable smb s igning r equirements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 223 fig. D-4 group policy object editor window 5. In the left panel, go to the computer configuration branch of the tree and select the windows settings folder to display the ...
Page 236
A ppendix d d isable smb s igning r equirements 224 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. D-6 group policy object editor window, security settings 7. Select local policies to display the contents of this folder in the right panel: fig. D-7 group policy obj...
Page 237
A ppendix d d isable smb s igning r equirements 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 225 scroll down and find “microsoft network client: digitally sign communications (always)”. 9. Right-click this item to open the pop-up menu, and select properties to open th...
Page 238: Ppendix
A ppendix e o btain or e xport an ssl c ertificate 226 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide a ppendix e obtain or export an ssl certificate when using web-based authentication, the ldap server’s ssl certificate needs to be exported and saved to the hard drive,...
Page 239: Locate Certificates Folder
A ppendix e o btain or e xport an ssl c ertificate 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 227 2. Verify that the certificate authority has been installed on this server and is up and running—indicated by a green check mark on the server icon (see circled item in...
Page 240
A ppendix e o btain or e xport an ssl c ertificate 228 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 3. From the toolbar, click console to open the pop-up menu. Select add/remove snap-in to open the add/ remove snap-in dialog box: fig. E-4 add/remove snap-in 4. Click a...
Page 241
A ppendix e o btain or e xport an ssl c ertificate 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 229 fig. E-6 certificates snap-in dialog box 6. Choose “computer account”, and click next to go to the select computer wizard page: fig. E-7 select computer dialog box 7. C...
Page 242
A ppendix e o btain or e xport an ssl c ertificate 230 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide notice that the snap-in has now been added to the console root folder: fig. E-8 console root with snap-in export the master certificate for the domain 1. Go to the righ...
Page 243
A ppendix e o btain or e xport an ssl c ertificate 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 231 this action launches the certificate export wizard: fig. E-10 certificate export wizard 3. Click next to go to the export private key page of the wizard: fig. E-11 expo...
Page 244
A ppendix e o btain or e xport an ssl c ertificate 232 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. E-12 export file format 5. Select “base-64 encoded x.509 (.Cer)” and click next to go to the file to export page of the wizard: fig. E-13 file to export 6. Enter t...
Page 245
A ppendix e o btain or e xport an ssl c ertificate 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 233 fig. E-14 settings 7. Notice that the specified settings display in the list box, indicating the certificate has been successfully copied from the console to your disk....
Page 246
A ppendix e o btain or e xport an ssl c ertificate 234 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide export a novell ssl certficate 1. From the console of the ldap server, go to the tree in the left panel and open the security folder to display the contents in the cons...
Page 247
A ppendix e o btain or e xport an ssl c ertificate 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 235 3. Click the certificates tab to go to the self signed certifi- cate page. 4. Click export to open the export a certificate pop-up window: fig. E-17 export a certificat...
Page 248: Ppendix
A ppendix f o verride p op - up b lockers 236 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide a ppendix f override pop-up blockers an override account user with pop-up blocking software installed on his/her workstation will need to temporarily disable pop-up blocking in ...
Page 249
A ppendix f o verride p op - up b lockers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 237 yahoo! Toolbar pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. F-1), enter your username and password. 2. Press and hold the ctrl key on your keybo...
Page 250
A ppendix f o verride p op - up b lockers 238 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide fig. F-3 allow pop-ups from source 3. Select the source from the sources of recently blocked pop-ups list box to activate the allow button. 4. Click allow to move the selected s...
Page 251
A ppendix f o verride p op - up b lockers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 239 google toolbar pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. F-1), enter your username and password. 2. Press and hold the ctrl key on your keybo...
Page 252: Adwaresafe Pop-Up Blocker
A ppendix f o verride p op - up b lockers 240 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide adwaresafe pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. F-1), enter your username and password. 2. Press and hold the ctrl key on your keyboard ...
Page 253
A ppendix f o verride p op - up b lockers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 241 mozilla firefox pop-up blocker add override account to the white list 1. From the browser, open the preferences dialog box. 2. Go to the category list box and select privacy & s...
Page 254: Set Up Pop-Up Blocking
A ppendix f o verride p op - up b lockers 242 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide windows xp sp2 pop-up blocker set up pop-up blocking there are two ways to enable the pop-up blocking feature in the ie browser. Use the internet options dialog box 1. From the ...
Page 255: Use The Ie Toolbar
A ppendix f o verride p op - up b lockers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 243 use the ie toolbar in the ie browser, go to the toolbar and select tools > pop- up blocker > turn on pop-up blocker: fig. F-8 toolbar setup when you click turn on pop-up blocker...
Page 256: Use The Ie Toolbar
A ppendix f o verride p op - up b lockers 244 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide add override account to the white list there are two ways to disable pop-up blocking for the over- ride account and to add the override account to your white list. Use the ie to...
Page 257: Use The Information Bar
A ppendix f o verride p op - up b lockers 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 245 use the information bar with pop-up blocking enabled, the information bar can be set up and used for viewing information about blocked pop- ups or allowing pop-ups from a specif...
Page 258
A ppendix f o verride p op - up b lockers 246 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 3. Click the information bar for settings options: fig. F-11 information bar menu options 4. Select always allow pop-ups from this site—this action opens the allow pop-ups from ...
Page 259: Ppendix
A ppendix g g lossary 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 247 a ppendix g glossary this glossary includes definitions for terminology used in this user guide. Ads - active directory services is a windows 2000 direc- tory service that acts as the central autho...
Page 260
A ppendix g g lossary 248 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide directory service - uses a directory on a server to auto- mate administrative tasks for storing and managing objects on a network (such as users, passwords, and network resources users can access)....
Page 261
A ppendix g g lossary 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 249 firewall mode - an r3000 set up in the firewall mode will filter all requests. If the request is appropriate, the original packet will pass unchanged. If the request is inappropriate, the original ...
Page 262
A ppendix g g lossary 250 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide minimum filtering level - a set of library categories and service ports defined at the global level to be blocked or opened. If the minimum filtering level is established, it is applied in conjunct...
Page 263
A ppendix g g lossary 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 251 organizational unit (ou) - an attribute type that can be entered in the ldap distinguished name for a user group. Override account - an account created by the global group administrator or the grou...
Page 264
A ppendix g g lossary 252 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide search engine - a program that searches web pages for specified keywords and returns a list of the pages or services where the keywords were found. Service port - service ports can be set up to blo...
Page 265
A ppendix g g lossary 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 253 web-based - an authentication method that uses time- based profiles or persistent login connections. White list - a list of approved library categories for a speci- fied entity’s filtering profile..
Page 266
A ppendix g g lossary 254 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide.
Page 267: Ndex
8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 255 i ndex numerics 3-try login script 203 8e6 authenticator 23 , 42 8e6 supplied category 17 a account tab 134 address tab 131 ads, definition 247 alert box, terminology 3 alias list tab 137 alias name 138 always allowed 1...
Page 268
I ndex 256 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide function in net use based process 25 login scripts 32 authentication settings window 70 join the domain 101 authentication solution single user compatibility chart 53 authentication ssl certificate window 72 auth...
Page 269
I ndex 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 257 create ldap domain dialog box 125 custom categories 17 d default rule tab 139 dialog box, terminology 4 directory service, definition 248 directory, definition 247 distinguished name (dn) definition 248 ldap prot...
Page 270
I ndex 258 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide profile components 16 profile types 12 rules 20 static profiles 13 user, machine 14 firewall mode 61 , 62 definition 249 frame, terminology 4 ftp 59 g gateway ip address 62 global administrator, definition 249 gl...
Page 271
I ndex 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 259 definition 249 ip group 9 diagram 9 ipc share 25 j java applet 68 java plug-in 58 java runtime environment 58 , 68 java virtual machine 58 javascript 58 join the domain 102 l lan settings window 62 ldap active di...
Page 272
I ndex 260 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide log view files 78 login (or logon) script definition 249 examples 32 usage 25 m machine name, definition 249 manually add group dialog box ldap 151 nt domain 114 manually add member dialog box ldap 150 nt domain ...
Page 273
I ndex 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 261 name lookup, definition 250 netbios domain name 132 , 143 netbios name 70 netscape directory server 127 network address translation (nat), definition 250 network requirements 59 nic device 71 novell 23 , 28 , 30 ...
Page 274
I ndex 262 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide p pdc 102 definition 251 pop-up blocking, disable 236 pop-up box/window, terminology 5 primary ip address 63 primary domain controller (pdc) 248 profile string definition 251 elements 210 profile window 120 ldap ...
Page 275
I ndex 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 263 s screen, terminology 5 search engine, definition 252 secondary ip address 63 select groups/members from domain window 110 server message block (smb), definition 252 service port 18 definition 252 session-based a...
Page 276
I ndex 264 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide t technical support 206 text box, terminology 6 tier 1 net use based authentication 25 , 55 , 66 , 174 tier 1 and tier 2 script 39 tier 2 time-based, web-based authentication 36 tier 2 script 38 tier 2, tier 3 we...
Page 277
I ndex 8 e 6 t echnologies , r3000 e nterprise f ilter a uthentication u ser g uide 265 w wbwatch.Log 79 web-based authentication 54 , 64 , 72 block page authentication 82 ssl certificate 56 web-based, definition 253 white list, definition 253 window, terminology 7 windows 2003 smb signing 27 wins s...