Support User Manuals

SonicWALL 5.8.1 Microscope & Magnifier User Manual

Open as PDF

of 1490

User Management

997

SonicOS 5.8.1 Administrator Guide

Creating entries for dozens of users and groups takes time, although once the entries are in

place they are not difficult to maintain. For networks with larger numbers of users, user

authentication using LDAP or RADIUS servers can be more efficient.

To apply Content Filtering Service (CFS) policies to users, the users must be members of local

groups and the CFS policies are then applied to the groups. To use CFS, you cannot use LDAP

or RADIUS without combining that method with local authentication. When using the combined

authentication method in order to use CFS policies, the local group names must be an exact

match with the LDAP or RADIUS group names. When using the LDAP + Local Users

authentication method, you can import the groups from the LDAP server into the local database

on the SonicWALL. This greatly simplifies the creation of matching groups, to which CFS

policies can then be applied.

The SonicOS user interface provides a way to create local user and group accounts. You can

add users and edit the configuration for any user, including settings for the following:

• Group membership - Users can belong to one or more local groups. By default, all users

belong to the groups Everyone and Trusted Users. You can remove these group

memberships for a user, and can add memberships in other groups.

• VPN access - You can configure the networks that are accessible to a VPN client started

by this user. When configuring VPN access settings, you can select from a list of networks.

The networks are designated by their Address Group or Address Object names.

Note The VPN access configuration for users and groups affects the ability of remote clients using

GVC, NetExtender, and SSL VPN Virtual Office bookmarks to access network resources. To

allow GVC, NetExtender, or Virtual Office users to access a network resource, the network

address objects or groups must be added to the “allow” list on the VPN Access tab.

Internet

User

Workstation

1

2

3

4

2

3

4

1

User attempts to access the web.

SNWL requires authentication of the User:

redirects workstation to authenticate.

User authenticates with credentials.

SNWL Local Database authorizes or denies access based on User privileges.

E7500

Network Security Appliance

previous next