One of the policy objects that can be defined in the Guardian web filter is called locations. Locations are collections of IP addresses, subnets, ranges of IP addresses and host names.
Locations are used in the "Where" column in all Guardian policies and they are also used in the web proxy configuration, when setting up proxy authentication policies.
One option for proxy authentication is "Identification by location" that allows you to map a location to a user group. Any traffic coming from the specified location, will be given the same web permissions assigned to the user group.
However, it's easier to achieve the same result directly in the proxy authentication configuration:
- Select authentication method of "No Authentication" or "Core Authentication" in step 1.
- Select location for step 2.
- Select the assigned group in the "Options for unauthenticated requests" for step 3.
This will achieve the same result, with the added flexibility of being able to browse as a different user group, if core authentication has been selected and a login has been performed.