Content Gateway Deployment > Content Gateway deployment issues
|
|
Content Gateway system requirements (hardware and operating system)
|
With IP spoofing enabled, traditional debugging tools such as traceroute and ping have limited utility.
|
|
Legacy NTLM (Windows NT® LAN Manager, NTLMSSP)
|
|
Multiple realm networks in which domains do not share trust relationships and therefore require that each domain's members be authenticated by a domain controller within their domain. In this environment rules are created that specify:
|
|
Authentication when domain membership is unknown: Some organizations do not always know what domain a user belongs to. For example, this can happen when organizations acquire new businesses and directory services are not mapped or consolidated. The unknown domain membership problem can be handled in rule-based authentication by creating a rule for IP address lists or ranges that specifies an ordered list of domains to attempt to authenticate against. The first successful authentication is remembered and used in later authentications. If authentication is not successful or the browser times out, no authentication is performed.
|
|
Authentication based on User-Agent value: One or more User-Agent values can be specified in an authentication rule. Often this is a list of browsers. When the User-Agent value matches a rule, authentication is performed against the specified domain or domains. If the User-Agent value doesn't match any rule and no rule matches based on other values, no authentication is performed (this is always true in rule-based authentication; if no rule matches, no authentication is performed).
|
Content Gateway Deployment > Content Gateway deployment issues
|