Filtering Service

Filtering Service translates logon session data provided by Logon Agent so that the appropriate policies can be applied to users, groups, and domains (OUs).

Filtering Service receives user logon session information from Logon Agent as users log on to domain controllers or machines. Filtering Service gets user data as user name/IP address pairs. When Filtering Service receives the IP address of a machine making an Internet request, it consults its user map to match the address with a user name, allowing users to be identified transparently. Filtering Service then applies the policies assigned to those users or groups.

The product can be configured to prompt users to manually authenticate if it cannot obtain user information via Logon Agent. When manual authentication is enabled, users who cannot provide a valid user name and password are blocked from Internet access.

If a user cannot be identified transparently, and manual authentication is not enabled, Filtering Services applies computer or network (IP address-based) policies, or the Default policy, to user requests.