About global authentication settings

Global authentication settings determine the common behavior, irrespective of the authentication method used, such as, sign-in time-out and debug level.

Time-out

Setting a short time-out increases the load on the device, when using transparent NTLM (see our help topic, Creating authentication policies) or SSL (see our help topic, Customizing the SSL Login Page) sign-in methods. It also increases the rate of reauthentication requests. Setting a long time-out might enable unauthorized users to use the network if users leave devices without logging out. The behavior of some authentication mechanisms is adjusted by the time-out period automatically. For example, the refresh rate updates to make sure that authenticated users don't time out, see our help topic, Managing authentication policies.

Tip: You should encourage users to sign out of the system to make sure that other users of their device can't assume their privileges if a time-out is yet to occur.

IDex settings

If you have more than one Smoothwall Filter and Firewall hardware appliance and are using the IDex system, you need to enter the IDex Cluster nodes so that web filtering information can be shared among them. The IDex Cluster nodes are the IP addresses of the Smoothwall Filter and Firewall hardware appliances. Previously, a technology such as Kerberos, or in the case of BYOD, RADIUS Accounting Forwarding would be used to distribute logged-in user information to other Smoothwall nodes. However, the IDex Cluster eliminates this by sharing the logged-in user information among Smoothwall nodes. The IDex Cluster is also the receiving endpoint for the information delivered from the IDex Agent and IDex Client. You need the IDex Cluster if you're using the IDex Agent and if you're using group mapping with the IDex Client. The IDex Cluster is enabled automatically if you define at least one IDex Cluster node or configure an IDex Directory.

Clear directory

You can clear user and group authentication information from the IDex Directory. The clear process is performed across the entire IDex Cluster, there's no need to perform the Clear directory operation on all cluster nodes. Defined mapping is preserved when performing the IDex directory clear.

The process of clearing the IDex directory might take some time to complete and result in higher system load for all nodes in the IDex Cluster. The amount of time to perform the operation will depend on the amount of information stored in the IDex Database, and in turn this depends on the number of users in your system, the number of groups, how many users are logged on, and how many IDex Cluster nodes there are.