|
User,
Client and Session authentication explained (generic) All of these authentication methods require a user name and password be given for authentication. The difference lies in how the authentication takes place and what services can be accessed following authentication. User Authentication: Authenticates users for specific services (FTP, HTTP, HTTPS, TELNET and RLOGIN). User authentication enables an administrator to grant specific users special access privileges. Client Authentication: Authenticates users of any service (standard or customized). There are three types of client authentication: manual, partially automatic, and automatic. Manual client authentication requires users to TELNET to port 259 or connect to the FireWall with a web browser on HTTP port 900 to be authenticated for all other allowed services. Partially Automatic, if the service is an authenticated service (RLOGIN, TELNET, HTTP, FTP), the user is signed on transparently via user authentication, and then the client is authenticated for all other services. Fully Automatic allows users to be authenticated for any service, users must install the Session Authentication agent in order to be authenticated (except the user authenticated services). Session Authentication: Works like a client authentication but requires the session authentication agent to be installed on the client. Session authentication does not require users to authenticate (using TELNET or HTTP) to the FireWall. However, the user must be authenticated each session.
4TH
DEC 2002 JIM PARKER |