HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Kenilworth Update Improves Authentication on Smoothwall Web Filter

The latest update to the Smoothwall web filter sees improvements made to authentication and safeguarding, along with the option of adding a Google sign-in button to the login page to allow access with a single click.

One of the main features to be added to the Smoothwall’s secure web gateway web filter by the Kenilworth update is the incorporation of IDex identity indexing, which makes the process of authenticating users far simpler. IDex is also a more scalable identity checking mechanism that authentication. IDex does not depend on a connection to domain controllers for authenticating users and there are no delays to user access with this new identification system.

At the heart of IDex is the IDex Directory – a database housed on a Smoothwall appliance that contains all the necessary user identity information. IDex Directory records the username, IP address, groups, and logged-in timestamp for each user, and integrates that information with all Smoothwall services that require identity verification. Data are also replicated across nodes.

Workstations have the IDex Client running as a service which forwards the logged in username, groups, and traffic to the Smoothwall. The Client interrogates the workstation to determine which user is logged in at any given time, so there is no need to rely on a connection to domain controllers for the identification of users. The IDex Client can be configured via Active Directory Group Policy.

The IDex Agent is an application that runs on Windows Active Directory domain controllers and monitors the Windows event audit log on the domain controller, passing the credentials of the logged in user to the IDex Directory in real time, with group information replicated on a daily basis. The IDex Agent can similarly be deployed using Active Directory Group Policy.

Smoothwall has listened to customer feedback and incorporated a number of additional features with the Kenilworth release, including the option of filtering safeguarding reports by group. This allows users to view a user group’s breaches on the administrative UI or portal. Reports can now be run for a specific data range to make the investigation of incidents easier. Reports can be printed or saved as PDF files.

Other notable changes include the names of YouTube videos being displayed in Safeguarding reports, making it much easier to identify the type of video that was viewed without having to visit YouTube. In a similar vein, the title of webpages are listed in reports rather than the URL, making the reports far easier to interpret.

Skype has been added as a filtering category to allow use in a simple and secure way.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.