WebTitan supports multiple authentication methods:
- IP & NTLM
- IP & LDAP
- Keyshield based authentication
- Transparent Authentication using WADA
Each method of authentication can work in conjunction with the WebTitan Active Directory Agent (WADA), and "Transparent Authentication using WADA" requires the use of WADA. WADA can be used as an "authentication assistant" to provide some additional benefits.
WebTitan Active Directory Agent
The WebTitan Active Directory Agent (WADA) is installed on your Active Directory server. It must run with Domain Administrator privileges. It builds a list of the IP addresses of the computers on your network and the users that are currently logged on to each computer. It does this by:
1) Monitoring the Event Log for log on/log off events
2) Scanning each PC using WMI to identity the user that is currently logged on.
This information gathered by WADA is sent to the WebTitan server via the proxy port (default 8881). WebTitan can then use this information to identify users based on the IP address from which their HTTP/S request originates.
WADA provides the following benefits:
1) It provides a fall back method of authentication
If your primary method of authentication fails WADA can continue to provide authentication information to the WebTitan server. For example, if your AD server was not contactable your users could still continue to browse if they were identified by WADA.
2) Remove requirement to enter user credentials when using LDAP authentication.
When using LDAP authentication your users are prompted to provide credentials each time they open their browser. If a user is identified by WADA they will not need to provide credentials.
3) Reduce the load on the server
The default methods of authentication require that action be taken by the WebTitan server in order to authenticate a user. When using WADA, any user that has been identified by the WADA agent is automatically authenticated based on the IP address they are connecting from.
4) Reduce likelihood of problems when using web sites that require authentication
If you use a site that is, for example, accessed using NTLM authentication the WebTitan server can intercept the NTLM credentials and attempt to verify them. This will prevent the credentials from reaching the target site. If WADA is used and has identified the user requesting access to the site, then the WebTitan server will not attempt to intercept the NTLM credentials because the user has already been authenticated by the WADA agent.
1) Download the WADA installer
2) Determine the currently configured WebTitan proxy port
Log on to the WebTitan server, go to System Setup > Proxy and note the "Proxy Port Number". The default value is 8881.
3) Run the installer
- Click "Next"
- Agree to the license terms
- Select install folder
- Click "Install"
- Add the configuration details indicated below
- Click "Save configuration and continue"
- Enter the user credentials which the WADA agent will use (Domain Administrator credentials are required)
- Click "Yes" to start the WADA service
- Click "Finish".
It may take up to 60 minutes for all computers to be reported.