1. Networking
  2. Netgear
  3. STM600 - ProSecure Web And Email Threat Management Appliance

Configuring Groups. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

Add to My manuals
261 Pages

advertisement

Configuring Groups. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance | Manualzz

ProSecure Web/Email Security Threat Management (STM) Appliance

The STM supports both unauthenticated and authenticated users:

Unauthenticated users. Anonymous users who do not log in to the STM and to which

the STM’s default email and Web access policies apply.

Authenticated users. Users who have a computer behind the STM, who log in to the

STM with a user name and password, and who are assigned an access policy that normally differs from the STM’s default email and Web access policies. Different users or user groups can have different access policies, so there can be multiple access policies on the STM.

In addition to being authenticated as individual users, users can be authenticated on the

STM according to group membership or IP address:

-

Group membership. A group is defined in the STM’s local database, an LDAP

database, or a RADIUS database. If you use a RADIUS database for authentication, a group can also be defined in a VLAN.

-

IP address. A group is defined by its IP address and subnet.

Note:

For detailed information about authentication, see

Configuring

Authentication

on page 154.

The login window that is presented to this type of users is the User Portal Login screen

(see

Figure 88

on page 156), which requires three items: a user name, a password, and a

domain selection. The domain determines the authentication method that needs to be used—LDAP, Active Directory, RADIUS, or the STM’s local database.

Configuring Groups

The use of groups simplifies the application of exception policies that allow different sets of users to have different Internet access restrictions. Rather than applying the same exception to each user, it is easier to apply a single exception to the entire group. For information about

exception policies, see

Setting Access Exception Rules for Web Access

on page 132.

Note:

For information about custom groups that allow you to set access exceptions for a combination of local groups and local users, groups and users that are defined by their IP address, LDAP groups and users, and RADIUS groups and users, see

Creating Custom Groups for Web Access Exceptions

on page 139.

148 | Chapter 5. Managing Users, Groups, and Authentication

ProSecure Web/Email Security Threat Management (STM) Appliance

You can define groups either by name or by IP address and subnet:

Groups defined by name. These are local groups on the STM to which you can add

users from the STM’s local user database. Local groups are automatically assigned to the

STM’s prosecuredomain default domain.

Note:

For information about groups that are defined by VLANs, see

Creating and Deleting VLANs for Use with RADIUS Domains

on page 170.

Groups defined by IP address and subnet. These are groups that can be on your local

network or on a remote device.

Note:

If you use groups on a remote device, you need to configure your network’s firewall to allow access to the IP address and subnet mask that have been assigned to the remote group.

Creating and Deleting Groups by Name

To create a local group by name:

1.

Select User Management > Groups from the menu. The Groups screen displays. (The following figure contains one example.)

Figure 82.

The List of Groups table displays the local groups with the following fields:

Name. The name of the group, which is the defining characteristic of the group.

Brief Description. An optional brief description of the group.

Action. The Edit table button, which provides access to the Edit Group screen, and

the Delete table button, which allows you to delete the group.

Chapter 5. Managing Users, Groups, and Authentication | 149

ProSecure Web/Email Security Threat Management (STM) Appliance

2.

In the Add New Group section of the screen, complete the fields as explained in the following table:

Table 43. Group Settings

Setting

Name

Description

A descriptive (alphanumeric) name of the group for identification and management purposes.

Description A brief description of the group for identification and management purposes. This description is optional.

3.

Click the Add table button. The new group is added to the List of Groups table.

To delete a group from the List of Groups table, click the Delete table button in the Action column for the group that you want to delete.

Note:

When you delete a group, an exception rule that is associated with this group no longer has any effect. You can delete such an exception rule.

Editing Groups by Name

To edit a local group that you created by name:

1.

Select User Management > Groups from the menu. The Groups screen displays (see the previous figure).

2.

In the Action column of the List of Groups table, click the Edit table button for the group that you want to edit. The Edit Group screen displays. (The following figure contains some examples.)

Figure 83.

150 | Chapter 5. Managing Users, Groups, and Authentication

ProSecure Web/Email Security Threat Management (STM) Appliance

3.

Change the field and move the users as explained in the following table:

Table 44. Edit Group Settings

Setting Description

Edit Description You can edit the brief description of the group for identification and management purposes.

Use the move buttons to move all users or only selected users from the Local users field to the Users in this group field (or the other way around).

These are the functions of the move buttons:

• < or > moves one or more highlighted selections from one field to the other.

• << or >> moves all entries from one field to the other.

4.

Click Apply to save your changes.

Creating and Deleting Groups by IP Address and Subnet

To create a group by IP address and subnet:

1.

Select User Management > IP Subnet/Groups from the menu. The IP Subnet/Groups screen displays. (The following figure contains one example.)

Figure 84.

The Groups Membership by IP Address table displays the groups with the following fields:

IP Address. The IP address for the group.

Netmask. The subnet mask for the group.

Name. The name of the group.

Action. The Delete table button, which allows you to delete the group.

Chapter 5. Managing Users, Groups, and Authentication | 151

advertisement

Related manuals

Netgear STM300EW-100NAS Reference Manual

Netgear

STM300EW-100NAS

  • Reference Manual
NETGEAR STM600 - ProSecure Web And Email Threat Management Appliance Appliance Reference Manual

Netgear

STM600 - ProSecure Web And Email Threat Management Appliance

  • Appliance Reference Manual
NETGEAR ProSecure STM150 Installation Manual

Netgear

ProSecure STM150

  • Installation manual
ProSecure STM600 Installation Manual

ProSecure

STM600

  • Installation manual
Netgear STM150 ProSecure Web and Email Threat Management Appliance Datasheet

Netgear

STM150EW-100EUS

  • Datasheet
NETGEAR ProSecure UTM25 Installation Manual

Netgear

ProSecure UTM25

  • Installation manual
Netgear PMPX1121 Datasheet

Netgear

PMPX1121-10000S

  • Datasheet
Netgear ProSecure UTM100 Installation manual

Netgear

ProSecure UTM100

  • Installation manual
Netgear STM150 Reference Manual

Netgear

STM150

  • Reference Manual

advertisement

Table of contents