the good old NTLM Agent is still working with MWG7. So just install it on a Windows member server and configure NTLM-agent authentication.
This way you also have to open a selectable port through you firewall if the MWG is placed in a DMZ. Also the MWG does not need to join the Windows domain.
I was thinking about going that route, basically we have a certain amount of users (around 3,000) that we want to have to authenticate every time they need to use the internet. They are going to be broken up into two differrent groups on the AD and they will each have different web sites they will be able to access.
I didnt want them being logged onto a domain and then being able browse the internet whenever, we would like them to log in.
Does this make sense?
Why the explizit login ? Was it the same in the past ?
Yes. We took over the users who use to do it this way on the websense appliance.
I would go for multiple NTLM Agents and transparent authentication if possible.
The users will love it (so you get some bonus points here with your new product if other things fail ).