1.3.2. User authentication

The platform supports various authentication mechanisms for users, such as Captive portal, Kerberos, and NTLM, while user accounts can be obtained from any sources: LDAP, Active Directory, FreeIPA, TACACS+, Radius, or SAML IDP. SAML IDP, Kerberos-based and NTLM-based methods allow for transparent authentication (i.e. without asking any credentials) of users from your Active Directory domain.

Network administrators are free to apply individual security settings for a specific user, group of users or, all known or unknown users. In addition, the system supports authentication via special Terminal Services Agents or via authentication agents for Windows-based platforms.

For better protection of accounts, it is also recommended that you use multi-factor authentication based on TOTP tokens (Time-based One Time Password Algorithm), SMS or email.