Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
13.0.120
Athena SWG (Secure Web Gateway) {{ breadTitle }} User Manual Use Cases SSO Configuration SSO Configuration for the AD Domain SSO Implemented Using IWA
{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","SSO Implemented Using IWA")}}

SSO Implemented Using IWA

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

You can enable IWA on the IAG to add the IAG and intranet computers to the AD domain. When an intranet user logs in to the domain and accesses a webpage, the user is authenticated on the IAG. The configuration procedure is as follows:

Step 1.Navigate to Access Mgt > Authentication > Web Authentication > Auth Server and set the authentication AD domain server.

Step 2.Set the authentication policy. Navigate to  Access Mgt > Authentication > Web Authentication > Authentication Policy and click Add. Set the authentication policy according to the IP or MAC addresses of the users who require SSO.

Step 3.Enable SSO on the device and set the IP address of the domain server. Navigate to Access Mgt > Authentication > Web Authentication > Single Sing-On(SSO) > MS AD Domain and perform configuration.

Select Enable Domain SSO.

Select Enable Integrated Windows Authentication and perform configuration. See the following figure.

Click Test. The test result is displayed.

Click OK. After about 1 minute, the loudspeaker icon in the lower-right corner will indicate whether you successfully joined the domain.

Step 4.Log in to the domain and access a webpage. View the online user list of the IAG, which displays the users who have been authenticated.