This article describes how to set up IWA authentication on Symantec ProxySG utilizing Blue Coat Authentication and Authorization Agent (BCAAA).
The installation will consist of three main parts. They are as follows:
In order for authentication to be enforced, policy needs to be created that makes the end users authenticate. The following steps put the policy in place which will cause the ProxySG to authenticate connections going through it. VERY IMPORTANT NOTE: Not all applications (custom applications, music download clients, and so forth) know how to handle authentication requests made by the proxy. Some devices and operating systems may also fall into that category. Workstations that are not a part of the Windows domain may prompt the user for authentication. (This may happen when non-domain workstations are connected to your network and they try to get out to the Internet.) When these cases arise, it may be necessary to either bypass authentication for those applications, operating systems, and devices, or use some sort of substitute authentication policy. See Enhanced Authentication Use Cases. You may need a support.symantec.com username and password in order to obtain the above mentioned Tech Brief.