Choose an authentication method
Article ID: 165551
Updated On:
Products
Cloud Secure Web Gateway - Cloud SWG
Issue/Introduction
You need to choose an authentication method for the Web Security Service.
Resolution
There are five main ways to authenticate users in the ThreatPulse service:
- SAML
- Captive Portal
- Roaming Captive Portal
- SSO (IP-to-User)
- HTTP Header Injection
Each authentication method is designed to fit various environments.
Below is a table of each authentication method, the surrogate type used and which access methods are supported:
| Authentication Method: | Challenge based: | Surrogate Type: | Supported Access methods: | |||
| IPSEC | Explicit | Unified Agent | Proxy Forwarding | |||
| SAML | Yes | Cookie | Yes | Yes | No | No |
| Captive Portal | Yes | IP | Yes | Yes | Yes | No |
| Roaming Captive Portal | Yes | Cookie | No | Yes | No | No |
| SSO (IP-to-User) | No | IP | Yes | No | No | No |
| HTTP Header Injection | Yes/No depends on ProxySG config | None | No | No | No | Yes |
Example: If you have a Citrix rich environment, you would need to use SAML authentication or Roaming Captive portal because it supports cookie based surrogates.
For more information regarding authentication methods, please visit the Auth Method section of our Access Method WebGuide here.
Feedback
Yes
No
Powered by
