Virtual Secure Web Gateway

 View Only

  • 1.  SWG 5.2 and Windows 2012 AD - user auth?

    Posted Jun 27, 2014 02:25 AM
    Hello, Since DCInterface does not work with Windows 2012 AD, how can customer autenticate users with SWG 5.2 in Proxy mode and Windows 2012 R2 AD environment? Best regards, Vladimir


  • 2.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Jun 27, 2014 05:03 AM

    As you're aware, SWG5.2 supports Win2012 for neither DCInteface nor NTLM authentication of users:

    http://www.symantec.com/docs/TECH203506

    This essentially means that you have no supported method at this time of determining which user is doing the browsing (so identification by hostname/IP address only).  As a partner, I'd suggest feeding this back through your Symantec contact.

    You may try getting NTLM to work, just be aware that it won't be supported.



  • 3.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Jun 27, 2014 05:19 AM

    I am aware of that, this is why I am asking for some workaround or ETA for Windows 2012 auth. support. It is unbelivable not to have support for Windows 2012 AD because, for example, if customer has URL filtering, paid extra $$$ it can not be used, simple because you can not confgiure filtering by groups or in any other way!



  • 4.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Jul 23, 2014 07:00 AM
    This just proves how Connect forum is useless, at least for SWG. Does anybody from Symantec team reads those posts? Does anybody care? I can not understand this kind of attitude!


  • 5.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Broadcom Employee
    Posted Aug 22, 2014 04:16 PM

    There is no workaround. There is no ETA. The Web Gateway does not support Server 2012 in any way.

    You would need to set up a 2008 server and perform NTLM to that.

     

    I don't understand how the URL filtering license is useless without authentication. That license simply activates the download of the content filtering database which categorizes web sites. This has nothing to do with end user authentication.



  • 6.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Sep 11, 2014 02:30 AM

    As a customer, you would like to have policy that will permit some user to access some categories and other users to access other categories of web sites. I do not think that there are customer that use content filtering that is same for all users inside their organization. So, if you are not able to do user authentication how can you implement any policy on content filtering that is based on users or users groups?



  • 7.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Broadcom Employee
    Posted Sep 11, 2014 07:56 AM

    Many companies only need one policy for their users. If you have Server 2012 as your domain controller, your only option is to create policies based on users' IP addresses.



  • 8.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Sep 11, 2014 08:05 AM

    ... and how is easy it would be to manage all those IPs! This is not a solution, tell that to any customer and you will lose them, instanlty!

     



  • 9.  RE: SWG 5.2 and Windows 2012 AD - user auth?

    Posted Nov 26, 2014 06:22 AM

    So no news on this front ?

    Am I to start looking elsewhere for a Web Gateway?