A
PPENDIX
A: A
UTHENTICATION
O
PERATIONS
T
IER
2: T
IME
-
BASED
, W
EB
A
UTHENTICATION
M86 S
ECURITY
U
SER
G
UIDE
191
Tier 2 implementation in an environment
In an environment where Tier 2 time-based profiles have
been implemented, end users receive filtering profiles after
correctly entering their credentials into a Web-based
Authentication Request Form. A profile remains active for a
configurable amount of time even if the user logs out of the
workstation, changes IP addresses, etc.
Tier 2 time-based profiles do not call for the Web Filter to
maintain a connection with the client machine, so the Web
Filter cannot detect when the user logs off of a workstation.
In order to remove the end user’s profile, one of two scripts
detailed in this sub-section should be inserted into the
network’s login and/or logoff script.
The Tier 2 Script should be used if Tier 2 is the only tier
implemented in an environment. The Tier 1 and Tier 2 Script
should be used if Tier 2 is implemented along with Tier 1 in
an environment. Since both sets of scripts use the NET USE
command, the client machine must already have the ability
to connect to the Web Filter via NET USE in order for the
profile to be removed in either environment.