Example: using the internal user database
This scenario shows an example of separating users into groups for accessing different resources.
Company A has a general office network and a separate HR network for servers that contain HR information, such as employee records and payroll information. The servers already restrict which users have access. For auditing reasons, the administrators want to separate the users into groups and require authentication to access the HR network. The administrators:
- Create a User Group “HR Users” in the InternalDomain and assign one of the default internal authentication methods.
- Create User elements for each person with access rights under the HR Users group.
- Define Access rules for user authentication on the firewall.