Comodo Help
Find the desired product help
Comodo Secure Web Gateway

Comodo Secure Web Gateway

Secure Web Gateway Quick Start Guide

English

Print Help Download Help
Comodo Secure Web Gateway - Quick Start Guide > Configure User Authentication Settings
  • Comodo Secure Web Gateway - Quick Start Guide
    • Purchase A License
    • Login To Your Comodo SWG Account
    • Configure Traffic Forwarding To Comodo SWG
      • Traffic Forwarding Via Direct Proxy Or PAC
      • Traffic Forwarding Via Proxy Chaining
      • Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
      • Traffic Forwarding Via SWG Agent
    • Connect Your Network(s) To Comodo SWG
    • Connect Your Roaming Device(s) To Comodo SWG
    • Configure User Authentication Settings
    • Add Users
    • Create Policies
    • Apply Policies
    • Generate Reports
  • About Comodo Security Solutions

Configure User Authentication Settings

 

  • Click 'Administration' > 'Authentication Configuration' > 'Authentication Settings' to open this interface.
  • You have to choose a user authentication method if you want to apply policies to specific users. You do not need to do this if you only plan to apply policy to networks/devices.
    • There are two methods available - 'Hosted DB' and 'Active Directory'. You can select only one authentication method per account.
      • After connecting your networks and adding them to 'Locations', the default security and URL filtering polices are applied to endpoints (unless custom policies exist).
        • You must first have added users before you can apply custom polices to them. You can add users in 'Administration' > 'Authentication Configuration' > 'User Management'. See next step 'Add Users'.




          Authentication Method

            • Comodo SWG supports 'Active Directory' and 'Hosted Database' authentication. You can only use one of these types.
              • You can combine auth types with traffic forwarding types
              • Comodo recommends the following types of combinations:

              S.No

              Auth Type

              Traffic Forwarding Types

              1

              Hosted DB

              SWG Agent, ICAP and Proxy Chain.

              2

              Active Directory

              SWG Agent.

              Note: You can only create network location rules for 'Direct Proxy' and 'PAC' traffic forwarding. You cannot .create user based rules for these forwarding types.


              Authentication methods for user-based rules explained:

              • Traffic forwarding via SWG Agent – The SWG agent authenticates users via Windows authentication on the device. There is no need to select any authentication and traffic forwarding option on the Locations interface. Hosted DB and Active Directory authentication methods are supported.
              • Traffic forwarding via Direct Proxy or PAC – User-based rules are not supported for these forwarding types, so no authentication is required. No need to select any authentication and traffic forwarding option on the Locations interface.
              • Traffic forwarding via Proxy Chaining / ICAP methods – If you plan to use a 3rd party proxy such as Websense or Bluecoat, then you can integrate with SWG and use Proxy Chaining/ ICAP to forward traffic. Once done, you can create user-based rules if the 3rd party product authenticates and sends user names to SWG. You have to select the appropriate authentication and traffic forwarding option on the Locations interface. Only Hosted DB authentication is supported.


              Hosted DB


              A user database hosted on Comodo SWG is used for authentication and identification. You will need to provide additional details including group and department in the 'Add User' dialog. See step 'Add  Users'.


              Active Directory


              Users are authenticated using Active Directory. To use this method, you need to download the SWG AD agent and install it in your AD server. After installation and configuration, AD users and groups will be automatically enrolled to Comodo SWG and be visible under 'User Management'.

              • Select 'Active Directory Sync via Agent' under 'Authentication Method'




              • Click 'Download'
              • The agent setup file will be downloaded to your default location
              • Next, click 'Save'

              A unique AD sync agent authentication token will be generated.




              • Copy this token and save it
                • Next, transfer the setup file to any client machine which is included in the AD server, or to the AD server itself.

                  Install SWG AD agent

                  • Run the setup file and complete the AD connection details form:




                  • User Token – Copy and paste the AD sync authentication token that you saved earlier
                  • Host Name / IP – Enter the host name or IP of the AD server
                  • Base DN – Enter the user base DN details, for example, DC=testing,DC=net
                  • Click 'Check LDAP Connection

                  You will see the following dialog after a successful connection:




                  • Click 'Save & Close'

                  AD users and groups will be automatically added to Comodo SWG after the first synchronization.

                  • Click 'User Management' and 'Users' / 'Groups' to view the enrolled users and group via AD.




                  The AD agent will initiate subsequent synchronizations every 3 hours automatically.



                  • Last Synchronization – Date and time that Comodo SWG most recently synchronized with the LDAP server
                  • Total Number of Objects – The number of users and groups enrolled to Comodo SWG via AD
                  Reset Synchronization
                  • Click 'Reset'




                  • Click 'OK'
                  • All the users / groups enrolled via AD will be removed from the 'User Management' list.
                  • SWG agent will initiate re-synchronization process and will complete in few minutes.
                  • Specific users / groups policies should be reapplied.


                  Authentication Bypass

                  • Specify the domain, wildcard domain, IP address or network for which you want to skip authentication




                  • Enter the details and click the '+' button on the right to add the exception
                  • Click the trash can icon beside an entry to remove it
                  • Click 'Save' for your changes to take effect

                  Bypassed Categories

                  • Specify the category of applications that you want to exempt from authentication.




                  • Choose the application from the list and click the '+' button on the right to exempt a category.
                  • If the user is within the network then they will be automatically authenticated by the domain controller.
                  • If the user is outside the network then the browser will ask the user to authenticate themselves with their AD credentials. Comodo SWG will direct the credentials to the domain controller for authentication.
                  • Click the trash can icon beside an entry to remove it.
                  • Click 'Save' for your changes to take effect.
                  Our Products
                  • Free Antivirus
                  • Free Internet Security
                  • Website Malware Removal
                  • Free Anti-Malware
                  • Anti-Spam (Free Trial)
                  • Windows Antivirus
                  • Antivirus for Windows 7
                  • Antivirus for Windows 8
                  • Antivirus for Windows 10
                  • Antivirus for MAC
                  • Antivirus for Linux
                  • Free Endpoint Security
                  • Free ModSecurity
                  • Free RMM
                  • Free Website Malware Scanner
                  • Free Device Manager for Android
                  • Free Demo
                  • Network Security
                  • Endpoint Protection
                  • Antivirus for Android
                  • Comodo Antivirus
                  • Wordpress Security
                  Cheap CDN
                  • Bootstrap CDN
                  • Semantic UI CDN
                  • Jquery CDN
                  • CDN Plans
                  • CDN
                  • Free CDN
                  Enterprise
                  • Patch Management Software
                  • Patch Manager
                  • Service Desk
                  • Website Down
                  • Endpoint Protection Solutions
                  • Website Security Check
                  • Remote Monitoring and Management
                  • Website Security
                  • Device Manager
                  • ITSM
                  • CRM
                  • MSP
                  • Android Device Manager
                  • MDR Services
                  • Managed IT Support Services
                  • Free EDR
                  Free SSL Certificate
                  Support Partners Terms and Conditions Privacy Policy

                  © Comodo Group, Inc. 2025. All rights reserved.