Athena SWG (Secure Web Gateway)

Athena SWG (formerly Internet Access Gateway) ensures visibility and control across the network, detecting risks like unauthorized access, non-compliant activities, and data leaks to manage endpoints.

13.0.120

{{item.code}}

User Manual

IAG Installation

IAG Console

Web Login

Configuration

Functions

Value-Added Services

Sangfor Business Intelligence

Internet Access Analytics

Bandwidth Analytics

Electricity Waste Analytics

Real-Time Status

Real-Time Status

Proxy

Access Management

Working Principle

802.1X Authentication

Authentication

Endpoint Check

Ingress Client Settings

Online Activities

Access Control

Advanced

Bandwidth Management

Quota Control

Link Load Balancing

Activity Audit

Internet Access Audit

Ingress Client Audit

Endpoint Management

Endpoint Connection Control

Security Capabilities Configuration

Connect IAG to Endpoint Secure

Endpoint Connection Control Case Study

Internet Security

System

Object

Network

Sangfor VPN

Firewall

General

Diagnostics

Use Cases

SSO Configuration

SSO Configuration for the AD Domain

Proxy SSO Configuration

SMS Authentication

Send SMS Through an SMS Modem

Endpoint Device Management Configuration

Comprehensive Configuration

SNMP Trap Configuration

Basic Configuration

Enable Email Alert

Testing Procedure

Test with the MIB Browser Tool

Testing Results

International Bandwidth Configuration

Athena SWG (Secure Web Gateway)

User Manual

Use Cases

SSO Configuration

Configuration of SSO Implementation with Third-Party Devices

H3C CAMS

{{sendMatomoQuery("Athena SWG (Secure Web Gateway)","H3C CAMS")}}

H3C CAMS

{{ $t('productDocDetail.updateTime') }}: 2025-12-29

H3C CAMS is similar to Ruijie SAM, a broadband authentication and charging management system commonly used by colleges and level-2 carriers. The IAG works with H3C CAMS using an interface provided by H3C CAMS and regularly obtains user information from H3C CAMS to update its online user line or user list for SSO. See the following figure.

The data flow is as follows:

A PC is authenticated by H3C CAMS.

The IAG synchronizes information about the organization structure and online users from H3C CAMS as scheduled.
The PC accesses the Internet as an online user whose information is obtained by the IAG.

The procedure is as follows:

Step 1.Set the authentication policy. Navigate to Access Mgt > Authentication > Web Authentication > Authentication Policy and click Add to set the authentication policy according to the IP or MAC addresses of the users who require SSO.

Step 2.Choose Access Mgt > Authentication > Web Authentication > Single Sign On SSO > Third-Party Server and set the H3C CAMS server.

Step 3.Choose Users > Single Sign On SSO > Third-Party Server and perform configuration.

Select H3C CAMS System and select the H3C CAMS server configured on the External Authentication Server page.

Step 4.When H3C CAMS authenticates a user, the user can access the Internet through the IAG.

1. H3C CAMS allows automatic user information synchronization at Access Mgt > User Management > User Sync.

2. In some cases, a user is authenticated by the IAG (depending on Interval for Obtaining Authenticated User) after being authenticated by the authentication server. Therefore, it is recommended that the authentication policy be configured not to require user authentication after an SSO failure.

{{ $t('index.defaultHeader.logo') }}

Athena SWG (Secure Web Gateway)

H3C CAMS