About the ID Indexing System
The ID Indexing System provides a way of reliably identifying already authenticated users in a wide variety of wide-area, Active Directory domain networks, where link and speed cannot be guaranteed.
The ID Indexing System consists of:
The IDex Client is an application which acts as a miniature local proxy on macOS and Windows® workstations. It forwards usernames, group membership, and information about web requests to the Smoothwall for web filtering purposes. Each web request is individually identified, therefore it can identify multiple users logged in at the same workstation. Local user accounts are identified by the workstation, as well as users behind a NAT connection.
The IDex Client runs without any interaction from your end-users, gathering necessary information directly from the workstation. This has the advantage of not being reliant on a working connection to your domain controllers to be able to function correctly — so long as users can log into the workstation, information can be captured. Additionally, no direct communication path is required between the Smoothwall and the Active Directory.
Note: IDex client is not recommended for installing on remote client workstations. Remote connected workstations should use Connect Filter instead of IDex Client.
Note: IDex client cannot filter applications that cannot be configured to use explicit proxy settings.
Remote connected workstations should use Connect Filter instead of IDex Client.
Connect Filter and IDex Client cannot be installed together on the same machine.
- All browser types are supported
- Operating Systems:
- macOS 10.10 and above
- Windows 7, Windows 8, Windows 8.1, Windows 10 (32-bit and 64-bit versions)
With Microsoft® DirectAccess systems, HTTPS could potentially be used to establish a tunnel back to the organization network. In such instances, the external IP or host, configured in the DirectAccess server configuration must be excluded from the proxy configuration to prevent failure. This failure will be caused by the outgoing connection for the IP-over-HTTPS tunnel attempting to connect through the IDex Client to reach the Smoothwall proxy via the same tunnel.
It should be noted that, when an off-site client system connection is established through DirectAccess, the DirectAccess server IP address will be seen in the User Activity page instead of the client device’s IP address.
For information on installation and interface setup, see:
The IDex Agent is a Smoothwall application, installed on your Active Directory domain controllers, that monitors user log on events. When such an event is detected the IDex Agent sends the following information to the Smoothwall:
- User group membership
- Workstation's IP address
Note: The IDex Agent cannot identify more than one user per IP address. If another user is detected at the same IP address it is assumed to be a new user and that the previous user logged off.
Both the IDex Client and Agent operate independently of each other. However, if using the IDex Agent, or requiring group mapping with the IDex Client, you must enable the IDex Directory.