i have MacAfee web gateway on the Cloud ,(Epo) once i put my ID on browser as proxy it's give authentication (username, password) , how to by pass authentication ? i don't AD for integration
If you don't want to make use of MCP.You can follow the below link
Supported authentication method:-
For UCE:- Configure the SAML settings in MVISION Cloud
Was my reply helpful? If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a solution" if this reply resolves your query!
For SAML Authentication:- You need to use port 8084, Port 8080 is for HTTP proxy
Configuring the Browser When using SAML Authentication:-
Using a proxy.pac or wpad file is best to redirect traffic to the cloud service. This will allow for exceptions that are required for SAML to work.
For quick testing, you can configure the browser to point to the Web Gateway Cloud Service as a proxy.
Browser Proxy Settings
Configure the browser to point to your specific proxy address (i.e. c111111.saasprotection.com, where 111111 is your customer ID) for SAML Authentication specify proxy port 8084. In the Exceptions we've added our organization domain (tangomark.com), this will allow the browser to communicate directly to the identity provider as configured above.
For MCP:- Browser Configuration is not needed
The GroupCache Manager in MCP is responsible for checking the connectivity with AD server and updating endpoint's group list which is further used by MCP to form and send X-SWEB-AuthGroups header towards Proxy Server.
If the AD server is not reachable then MCP sends current available groups on the machine. That is, It performs similar process like "whoami /groups" and collects current available groups from machines.
Web Gateway Cloud Service: Deploying and managing McAfee Client Proxy with ePO Cloud
there are multiple ways how you can get access to our Cloud Service:
- Browser Configuration + SAML
- Browser configuration + IP Authentication
I would highly recommend using MCP and get rid if Browser settings. Even if IP Range Authentication is possible it have some limitations you have to take in you consideration. To receive help it would be highly appreciated to know what exactly you've tried(step-by-step)?