Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 6123 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD user authentication

Iffi

We can achieve AD user authentication in XG two way NTLM and STAS.

My question is which method is best?

 

Thanks

Iffi



This thread was automatically locked due to age.
  • +1

    Iftikhar,

    using NTLM does not require any STAS agent installation on your DCs but keep in mind that using NTLM requires that your browsers accept and forward NTLM credentials correctly.

    This can be controlled using GPO with IE while can be challenging with other browsers. Using STAS, as soon the Users correctly authenticate against DC, the credential and IP are "stolen" from DC audit events and they are passed to STAS agent and then to XG to create the match IP --> User.

    I advice to use STAS because it is more flexible.

    Regards