For more information about Smoothwall Filter and Firewall groups, see our help topic, About groups.
Banned Users
This group is used by the user banning features. When a user is banned, the user's group membership gets overridden and the user is now placed in the "Banned Users" group. A web filter policy is needed to block access for the "Banned Users" group, because it's not added automatically.
Default Users
This group is used when a user is authenticated correctly but the web filter has no information about the users group membership. Directory groups are mapped to local Smoothwall groups, but if a user is not a member of any mapped group, the user's group membership is set to "Default Users".
Unauthenticated IPs
Any unauthenticated request has "Unauthenticated IPs" in the group field. This goes for any proxy that doesn't require authentication as well as any request to destinations included in the authentication exceptions section of the proxy configuration.