Help

Getting http and https proxy to work (kerberos)

Kedgar
Contributor

Posted on ‎07-26-2015 10:30 AM

Hello,

We are trying to deploy Trustwave Secure Web Gateway with Kerberos auth and are having a ton of issues ranging from performance to sites just not functioning. Kerberos is working properly... so the hard part is out of the way.

Has anyone here been successful at implementing a kerberos-authenticated proxy for your Macs? We are doing authenticated proxy for user tracking... this is an important need per PCI-DSS and SOX compliancy.

0 Kudos
Reply
4 REPLIES 4

bentoms
Release Candidate Programs Tester

Posted on ‎08-08-2015 12:22 AM

@Kedgar we used Websense with Kerberos auth with little or no issues on Mac & Wins.

We essentially enabled Kerberos auth on the proxies, then pointed the clients at the proxy & they authenticated using the users Kerberos ticket.

0 Kudos
Reply

jrserapio
Contributor

Posted on ‎05-12-2016 12:52 PM

@bentoms Sorry for bringing up an old thread, but are you using an authenticated proxy? if yes are you able to get MDM function to work on your macs with the proxy? Also have you run into any issues with Websense and the Macs, i.e. Websense blocks the native screenshot utility, websense blocks the use of programs like Xcode because of use of the same libraries etc?

thanks in advance

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎05-17-2016 01:17 PM

@jrserapio it's been a while.

But we never enabled SSL inspection, as MDM does certificate pinning. That can bust things.

No client was installed, so no issues on the Macs.

0 Kudos
Reply

nick_king
New Contributor II

Posted on ‎05-18-2016 10:00 AM

Is Kerberos listed as the first authenticate method on your Proxy servers? Mac's don't use other methods like NTLM, so if those are first it stops there and won't proceed to Kerberos.

0 Kudos
Reply