Kerio Tech Firewall6 Network Router User Manual


 
6.4 Basic Traffic Rule Types
111
Alternatively you can define the rule to allow only authenticated users to access
specific services. Any user that has a user account in WinRoute will be allowed to
access the Internet after authenticating to the firewall. Firewall administrators can
easily monitor which services and which pages are opened by each user (it is not
possible to connect anonymously).
Figure 6.29 Only authenticated users are allowed to connect to the Internet
For detailed description on user authentication, refer to chapter 8.1.
Notes:
1. The rules mentioned above can be combined in various ways (i.e. a user group can
be allowed to access certain Internet services only).
2. Usage of user accounts and groups in traffic policy follows specific rules. For de-
tailed description on this topic, refer to chapter 23.5.
Exclusions
You may need to allow access to the Internet only for a certain user/address group,
whereas all other users should not be allowed to access this service.
This will be better understood through the following example (how to allow a user group
to use the Telnet service for access to servers in the Internet). Use the two following rules
to meet these requirements:
First rule will deny selected users (or a group of users/IP addresses, etc.) to access
the Internet.
Second rule will deny the other users to access this service.
Figure 6.30 Exception — Telnet is available only for selected user group(s)