Browser Based Auth - Design Question

tropicanaslim — Wed, 22 Jun 2022 12:58:04 GMT

Hi Checkmates,

Currently i have customer who need to redesign their networks access flow when user access to the internet. The existing using Sangfor IAM, and i just proposed with Quantum Firewall using Browser Based Auth to intercept access user access to internet with captive portal.

My question :

Do we need or mandatory enable https inspection to set up browser based auth for https traffic? because i check on SK, some https website can intercept some cant.
How good browser based auth on Check Point? can we set up portal with change password for each user? and create maximum user account only used by for example 2 machine?

Thank!

Re: Browser Based Auth - Design Question

PhoneBoy — Wed, 29 Jun 2022 20:12:37 GMT

You'll need HTTPS Inspection for redirects to the Captive Portal to work.
I don't believe the Captive Portal provides a mechanism to change password nor does IDA necessarily prevent you from logging in from multiple IPs.
That is the sort of thing the IAM server should be able to enforce, however.

topic Re: Browser Based Auth - Design Question in Firewall and Security Management

Browser Based Auth - Design Question

Re: Browser Based Auth - Design Question