ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
Managing Users, Groups, and Authentication 5-11
v1.0, September 2009
b. Log in again.
c. On the Authentication screen (see Figure 5-8 on page 5-10), click the logout link.
In addition to authentication through the STM’s local user database, the STM supports the
following external authentication methods for users logging in through the User Portal Login
screen:
• LDAP. A network-validated domain-based authentication method that functions with a
Lightweight Directory Access Protocol (LDAP) authentication server. LDAP is a standard
for querying and updating a directory. Because LDAP supports a multilevel hierarchy (for
example, groups or organizational units), this information can be queried to provide
specific group policies or bookmarks based on LDAP attributes.
• Active Directory. A network-validated domain-based authentication method that
functions with a Microsoft Active Directory authentication server. Microsoft Active
Directory authentication servers support a group and user structure. Because the Active
Directory supports a multilevel hierarchy (for example, groups or organizational units),
this information can be queried to provide specific group policies or bookmarks based on
Active Directory attributes. A Microsoft Active Directory database uses an LDAP
organization schema.
• RADIUS. A network-validated PAP or CHAP password-based authentication method that
functions with Remote Authentication Dial In User Service (RADIUS).
The user must know how to return to the User Portal Login screen. The
administrator must provide the User Portal Login URL:
https://<IP_address>/~common/cgi-bin/user_login.pl
or
https://<FullyQualifiedDomainName>/~common/cgi-bin/user_login.pl
Alternately, the administrator can provide the NETGEAR Configuration
Manager Login screen, from where the user can access the User Portal Login
screen:
https://<IP_address>
or
https://<FullyQualifiedDomainName>
Warning: Ensure that users understand that they must log out after completing a
session in order to prevent subsequent users from inheriting access
privileges that were not assigned to them.