1 2 Previous Next 14 Replies Latest reply on Jul 17, 2013 6:15 PM by Jon Scholten

    mobile devices and authentication, or, how to bypass it

      How are people handling mobile devices (iOS specifically, but I'm sure it's pretty universal) on your network? Like most, iOS is ubiquitous in our environment, and will be on the corporate network in a short amount of time.

       

      Here's a little bit about us:

      • Authentication = NTLM
      • iOS clients will not come from dedicated address space
      • This is all about being able to pull a specific users web history if required by HR
      • I fully appreciate the fact that if someone wants to get silly, they can simply switch from wireless to cellular and we'll never see it

       

      As best as I tell, the real options are to bypass authentication based off of client.ip, or user-agent. Client IP is difficult for me, as iOS mingles with Windows users, and user-agent reminds me of whack-a-mole (I'm currently up to 18 different ones, and I've started getting pretty liberal with wildcards).

       

      So, what are people doing? No Internet access? User-agents? Client IP? Letting users deal with the authentication prompts? Something else?

       

      Appreciate the help,

       

      Jim

        1 2 Previous Next