Filter
Top Products
39
Step 7: Next navigate to Users > Local Groups and configure the Group you want the new CFS
policy to apply to.
Step 8: Select the CFS policy you created under the CFS Policy tab. Repeat this same process for
every group that requires custom CFS settings.
Enforcing CFS Policies without Requiring All Users to Authenticate
There is one more trick you can do with CFS involving user authentication. Some organizations want a
default policy that applies to virtually everyone, but would rather not use Single Sign On (SSO) or local
authentication for the majority of their user base. However, they still want a way for specific groups/users to
be able to authenticate so they can bypass the default CFS policy. In this scenario, you will want to
customize the CFS block page. The default block page informs a user that website is forbidden for X reason.
What we want to do is add some simple html code that informs the users the page is still forbidden, but
include a link that redirects them to login into the firewall. After logging in that user will now inherit whatever
CFS permissions you’ve assigned them.