Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 40 subscribers
  • Views 13395 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Active Directory Integration (Loose Or Tight)

FaheemSarwar

Dear All, 

i am new to Sophos XG firewall. we have been using Sophos web appliance since a while and we managed all our AD users in custom groups we made in Web appliance and assigned different policies to different groups. there are only 2 OU in AD which categorize almost 600 users in our environment.

we have also tried Cyberoam UTM (now acquired by Sophos), which has two options for authenticating with AD, "loose integration" & "tight integration". for the purpose of managing users in custom groups regardless of AD categorization, we must choose "loose integration".

i cant seems to find the "loose integration" option in XG firewall which means that i have to reorganize my web appliance user groups in AD.

what i wonder about is that: if there is no loose integration option available in XG firewall then what is the purpose of custom user groups.

Regards,

Faheem



This thread was automatically locked due to age.
Parents
  • 0

    Hi Faheem, just to confirm part of your original question.

    As you have figured out the XG firewall has only implemented the the equivalent of Tight Integration from the Cyberoam platform, the platform still supports custom groups for environments where you might not be using Active Directory Integration.


    I would suggest that instead of managing the custom groups on the appliance you do this in Active Directory, of note the group matching is name based so if both OU's had a group with exactly the same name the members would be accumulated into a single permission group on the XG.

    Leon Friend

    Sophos Sales Engineer

    Sophos XG Firewall - Certified Architect, Sophos Certified Engineer, Cyberoam CCNSE, Cyberoam CCNSP

Reply
  • 0

    Hi Faheem, just to confirm part of your original question.

    As you have figured out the XG firewall has only implemented the the equivalent of Tight Integration from the Cyberoam platform, the platform still supports custom groups for environments where you might not be using Active Directory Integration.


    I would suggest that instead of managing the custom groups on the appliance you do this in Active Directory, of note the group matching is name based so if both OU's had a group with exactly the same name the members would be accumulated into a single permission group on the XG.

    Leon Friend

    Sophos Sales Engineer

    Sophos XG Firewall - Certified Architect, Sophos Certified Engineer, Cyberoam CCNSE, Cyberoam CCNSP

Children
No Data
Unfiltered HTML