User authentication

13 December 2023

ID 189897

The application supports the configuration of Kerberos- and NTLM authentication. When using NTLM authentication, you can configure domain name scans. This will help correctly process different formats of user domain names supported by the NTLM protocol.

It is recommended to use Kerberos authentication because it is the most robust mechanism. NTLM authentication allows hackers to access user passwords by intercepting network traffic.

After the Microsoft update is released (see ADV190023 LDAP Channel Binding and LDAP Signing for details), NTLM user authentication in Kaspersky Web Traffic Security will no longer work.

For both types of authentication, you can create exclusions that let users access web resources without authentication.

In this Help section

Configuring Kerberos authentication

Creating a keytab file

Configuring NTLM authentication

Configuring domain name scans

Adding authentication exclusions

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.