
User Authentication

So far, this manual has described the Eagle as primarily a network/host authenticator. That is, your authorization rules allow or deny access based on hostname or network name, but do not authenticate individual users. Users on authorized hosts can go in and out of the protected network without identifying themselves. You can, however, have the Eagle identify and authenticate who is using the system. These users must identify themselves with a user name and a password, or with a SecurID unique key and passcode. This authentication is in addition to any other form of authorization/authentication required by the node being accessed or by the application being executed.

Users requiring password authentication must identify themselves by a user name and a password at the Gateway node. The name identifies the user and the password authenticates the user. If the gateway name or password is not valid, access through the gateway is denied and the connection attempt is logged. If the user is authenticated and all other conditions of the authorization rules are met, the connection is completed and the user information is recorded in the log. The log then shows not only where a connection request was initiated but also who requested it.
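The decision flow described above can be modeled as follows. This is an added example, not Eagle code or configuration; the names ALLOWED_NETS, USERS, authenticate and gateway_decision, the PBKDF2 password storage, and the sample addresses and credentials are all assumptions constructed for the illustration.

```python
import hashlib, hmac, ipaddress, os

ITERATIONS = 100_000  # constructed work factor for this sketch

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(password):
    """Store only a random salt and the derived hash, never the password."""
    salt = os.urandom(16)
    return salt, _hash(password, salt)

# Constructed sample data: one authorized network, one gateway user.
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/24")]
USERS = {"alice": make_user("correct horse")}
_DUMMY = make_user("unused")  # hashed for unknown names so timing stays uniform

def authenticate(user, password):
    """The name identifies the user; the password authenticates the user."""
    salt, stored = USERS.get(user, _DUMMY)
    ok = hmac.compare_digest(_hash(password, salt), stored)  # constant-time compare
    return ok and user in USERS

def gateway_decision(src_ip, user, password, log):
    """Return True if the connection may complete; always append a log record."""
    host_ok = any(ipaddress.ip_address(src_ip) in n for n in ALLOWED_NETS)
    user_ok = authenticate(user, password)
    allowed = host_ok and user_ok
    if allowed:
        reason = "ok"
    elif not user_ok:
        reason = "bad user name or password"
    else:
        reason = "host not authorized"
    # Record where the request came from and who made it; never the password.
    log.append({"src": src_ip, "user": user, "allowed": allowed, "reason": reason})
    return allowed

if __name__ == "__main__":
    audit = []
    gateway_decision("192.0.2.10", "alice", "correct horse", audit)
    gateway_decision("192.0.2.10", "alice", "wrong", audit)
    gateway_decision("198.51.100.7", "alice", "correct horse", audit)
    for rec in audit:
        print(rec)
```

Every record carries both the source address and the claimed user name, so a denied attempt from an authorized host is still attributable in the log.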



tkevans@delmarva.com