Methods to Check for Corporate Credential Submissions
Use this table to decide which corporate credential detection method to configure on the firewall in service of credential phishing prevention.
Before you set up credential phishing prevention, decide which method you want the firewall to use to check if credentials submitted to a web page are valid corporate credentials.
Method to Check Submitted Credentials
User-ID Configuration Requirements
How does this method detect corporate usernames and/or passwords that users submit to websites?
The firewall checks to determine if the username a user submits to a restricted site matches any valid corporate username.
To do this, the firewall matches the submitted username to the list of usernames in its user-to-group mapping table to detect when users submit corporate usernames to sites in a restricted category.
This method only checks for corporate username submissions based on LDAP group membership, which makes it simple to configure, but more prone to false positives.
IP User Mapping
The firewall checks to determine if the username a user submits to a restricted site maps to the IP address of the login username.
To do this, the firewall matches the IP address of the login username and the username submitted to a web site to its IP address-to-user mapping table to detect when users submit their corporate usernames to sites in a restricted category.
Because this method matches the IP address of the login username associated with the session against the IP address-to-username mapping table, it is an effective method for detecting corporate username submissions, but it does not detect corporate password submission. If you want to detect corporate username and password submission, you must use the Domain Credential Filter method.
Domain Credential Filter
The firewall checks to determine if the username and password a user submits match the same user’s corporate username and password.
To do this, the firewall must be able to match credential submissions to valid corporate usernames and passwords and verify that the username submitted maps to the IP address of the login username as follows:
To learn more how the domain credential method works and the requirements for enabling this type of detection, see Configure Credential Detection with the Windows-based User-ID Agent.
Recommended For You
Recommended videos not found.