What Sender Parameter is used to store the Sender information from the proxy server with Network Prevent for Web?
Last Updated May 10, 2019
You need to know what sender parameter is used to store the username and domain information sent from the proxy server in the format provided by the proxy server to use this information in a CSV or LDAP Lookup, for example information from Microsoft's Threat Management Gateway (TMG) looks like "Negotiate://DOMAIN/username" or from Bluecoat proxy looks like "WinNT://DOMAIN/username"
The username and domain information sent from the proxy server is stored in the sender-email parameter.
By default most proxy server's only send the IP address and not the domain user information to the Network Prevent server which is stored in the sender-ip parameter.
TECH219986 - Sender Match Pattern doesn't work on Web Prevent authentication string (WinNT://domain/username) TECH220391 - Steps to fix "WinNT://DOMAIN/username" being returned as sender-email attribute (Windows Enforce server) TECH220148 - Using LiveLdap Lookup with HTTP/HTTPS Incidents from Network Monitor or Network Prevent for Web
Imported Document ID: TECH220615
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe