What are the differences between the authentication tiers?


This article applies to:

  • R3000

Question:

What are the differences between the authentication tiers?

Reply:

Tier 1 (Web-based authentication disabled) - The only available methods of authentication are either via Net Use login scripts or commands, or by using the 8e6 Authenticator application (authenticat.exe).

Tier 2 (Time-based profiles) - With this option, a user can still authenticate in the same style as Tier 1, but another option becomes available as well. One can set the default global group or IP group profile to be restrictive, and set the redirect page to be an authentication request form instead of a block page. In this way, a user would browse to a site, and be asked to authenticate by entering in their domain username and password. The proper authentication profile would then be applied for X minutes, as configured on the Enable/Disable Authentication screen. Note that one can set a logoff script to kill this profile before X minutes expires.

Tier 3 (Java applet) - This option is nearly the same as Tier 2, but instead of the profile being assigned for a set amount of time, a small window with a Java applet will popup on the user's machine.

The box will manage a heartbeat connection with the R3000, and the profile will remain active as long as this heartbeat does. The profile will only terminate after some number of heartbeats are missed, or a kill command is issued by closing the applet window.

This article was previously published as:
8e6 KB 276505

Last Modified 1/29/2010.
https://support.trustwave.com/kb/KnowledgebaseArticle12324.aspx