User Management
996
SonicOS 5.8.1 Administrator Guide
SonicWALL security appliances provide a mechanism for user level authentication that gives
users access to the LAN from remote locations on the Internet as well as a means to enforce
or bypass content filtering policies for LAN users attempting to access the Internet. You can
also permit only authenticated users to access VPN tunnels and send data across the
encrypted connection. The SonicWALL authenticates all users as soon as they attempt to
access network resources in a different zone (such as WAN, VPN, WLAN, etc.), which causes
the network traffic to pass through the SonicWALL. Users who log into a computer on the LAN,
but perform only local tasks are not authenticated by the SonicWALL.User level authentication
can be performed using a local user database, LDAP, RADIUS, or a combination of a local
database with either LDAP or RADIUS. SonicOS also provides Single Sign-On (SSO)
capability. SSO can be used in conjunction with LDAP. The local database on the SonicWALL
can support up to 1000 users. If you have more than 1000 users, you must use LDAP or
RADIUS for authentication.
Using Local Users and Groups for Authentication
The SonicWALL security appliance provides a local database for storing user and group
information. You can configure the SonicWALL to use this local database to authenticate users
and control their access to the network. The local database is a good choice over LDAP or
RADIUS for this purpose when the number of users accessing the network is relatively small.
#ONFIGURE%XTERNAL
$ATABASE2!$)53,$!0
#ONFIGURE,$!0
#ONFIGURE2!$)53
#ONFIGURE'ROUPS
ON3ONIC7!,,
#ONFIGURE
,OCAL$ATABASE
#ONFIGURE3ONIC7!,,
,OCAL5SERS
5SER'ROUPS
!DMINISTRATOR