Configuring authentication security policies

Chapter 4 Authentication : Configuring authenticated access : Authentication in security policies : Configuring authentication security policies

To include authentication in a security policy, the policy must specify user groups. A security policy can authenticate by certificate, FSSO, and NTLM. The two exceptions to this are RADIUS SSO and FSSO Agents. See “SSO using RADIUS accounting records”, and “Introduction to FSSO agents”.

Before creating a security policy, you need to configure one or more users or user groups. For more information, see “Users and user groups”.

Creating the authentication security policy is the same as a regular security policy except you must select the action specific to your authentication method:

Table 19: Authentication methods allowed for each policy Action
Action	Authentication method	Where authentication is used
ACCEPT	FSSO Agent or a security policy that specifies an FSSO user group	See “Agent-based FSSO”.
	NTLM	See “NTLM authentication”.
	Certificates	See “Configuring certificate-based authentication”.
	RADIUS SSO	See “SSO using RADIUS accounting records”.
DENY	none	none