If an Authentication Server is used in an environment, Deep Packet Inspection (if enabled) needs allowances for the Authentication resources. Otherwise, authentication attempts may time out and/or fail. This is largely because, without the allowances, an Authentication Service may detect the presence of a ‘man in the middle’, which is considered a security concern.
To configure this setup, an Administrator can allowlist the Authentication Servers so that authentication succeeds.
To do so, follow these steps:
1. Log in to the Endpoint Protector Console
2. Go to Denylists and Allowlists and then select Allowlists
3. Select the Deep Packet Inspection tab and then click Add
4. Fill in all required fields to define your ADFS resource(s) and then click Save
5. Go to Content Aware Protection, Content Aware Policies, select your Policy and then click Edit
6. Go to the Policy Allowlists section and click the Deep Packet Inspection tab
7. Select the entry defined in step 4 and then verify that your selected Policy Entities are accurate
8. Click Save
Next: On the managed Endpoint, right-click the System Tray / Menu Bar item for Endpoint Protector and select 'Update policies now'.