When users log on to the computers in your network, they must give a user name and password. If you use Active Directory authentication on your XTM device to restrict outgoing network traffic to specified users or groups, your users must also complete an additional step: they must manually log in again to authenticate to the XTM device and get access to network resources or the Internet. To simplify the log in process for your users, you can use Single Sign-On (SSO). With SSO, your users on the trusted or optional networks provide their user credentials one time (when they log on to their computers) and are automatically authenticated to your XTM device.
For more information on SSO, and to learn how to enable it on your XTM device using Fireware XTM Web UI, see:
The WatchGuard SSO solution includes the SSO Agent, the SSO Client, and the Event Log Monitor. For SSO to work, you must install the SSO Agent software. The SSO Client software is optional and is installed on each client computer. The Event Log Monitor is also optional, and is installed on each of your domain controllers. When the SSO Client software or the Event Log Monitor software is installed and the SSO Agent contacts a client computer for user credentials, either the SSO Client or the Event Log Monitor sends the correct user credentials to the SSO Agent.
We recommend that you do not use SSO without either the SSO Client or the Event Log Monitor.
You can use Policy Manager or Fireware XTM Web UI to enable and configure SSO.
For more information on SSO, and to learn how to enable it on your XTM device using Policy Manager, see: