Require authentication to access websites in an AUP category

Before you begin

Make sure a directory and identity provider is configured. For more information, see Add a directory and Add an identity provider.

You can enable an authentication mode in a policy to require that users authenticate when they access allowed websites for a specific acceptable use policy (AUP) category. If you select the Require or Optional authentication mode settings, you must select an identity provider.

With the Optional mode, users can skip authentication. However, access is not guaranteed when the user skips authentication. For example, if the Social Media category is blocked to every user except for users in Group A, the users in Group A can access social media websites that are part of this category. To access a social media website, users in Group A can authenticate or skip authentication. If the user skips authentication, they are assigned the most strict policy action. In this case, the user who skipped authentication is blocked from accessing the social media website because ETP is unable to confirm that the user is part of Group A.

How to

  1. In the navigation menu, select Configuration > Policies.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Policies > Policies.
  2. Go to the policy where you want to enable an authentication mode.
  3. Click the edit icon.
  4. Click the Settings tab.
  5. In the Other Settings area, navigate to the Authentication Mode menu.
  6. To require authentication:
    1. Select Require. If you want to allow users to skip authentication, select Optional. The Identity Provider menu appears.
    2. Select an identity provider.
  7. If you blocked categories in the acceptable use policy (AUP) and you want to grant access to only specific users associated with the identity provider, see Grant specific users or groups access to an AUP category or subcategory.
  8. Click Save.

Next steps

Deploy configuration changes