Best practices when using Windows Active Directory

If you have only one Active Directory domain, or if all of your Active Directory domains share inbound and outbound trust relationships, the best option is to deploy Integrated Windows Authentication. However, if you want to control authentication based on User-Agent values, you must use Rule-Based Authentication.

If you have multiple domains or realms and user authentication is a requirement, you must use Rule-Based Authentication. For details, see Rule-Based Authentication.

If user identification is sufficient, you can use one of the Forcepoint Web Security user identification options. See the “User Identification” section of the Forcepoint Web Security Administrator Help.