Virtual Secure Web Gateway

Good morning everyone,

We have had our Symantec Web Gateway setup using LDAP for several months now.  Our configuration is pretty simple, we just have a main policy that restricts nearly everything and then another policy for unrestricted web access through an LDAP workgroup.

The Problem is, from time to time random users who are included in the unrestricted access group seem to drop out of the system.  When this happens their Login Name is no longer listed in the reports and they are blocked from restricted content.  The problem seems to come and go and we have the user log off and then back on repeatedly until the gateway recognizes them again.. this can take hours.

Important Info:
Windows Server 2003 Service Pack 2 Standard
Symantec Web Gateway 4.5.0.372

If anyone knows what might be causing this we would greatly appreciate the help!

The user drop out can happen due to the user not logging in for 8+ hours (default time out) in the SWG. After 8 hours and not seeing a user logon event from the DC SWG will assume the user has logged out as to limit access/prevent someone else who may get that IP from either getting or not getting a proper polciy applied.

If your IPs and Users are not changing regularly you may be able to extend the ageout value for ldap.

However what you are describing is expected behavior.

Hey Guys, just a correction here, it's only after a week that the Web Gateway will no longer assume a user is logged into a PC and IP policys will be applied instead of user based policys if they exist.  This is actually hard coded in the product and currently can't be extended.

In terms of the issue Bob is seeing, my recommendation would be to ring into Support and work with a Support Engineer on this.

Cheers,

Kevin