User is a member of multiple groups
we are currently in the process of buying a FG-500E. I have a question regarding groups and web filter profile usage:
We are planning on using agent-based FSSO and creating multiple AD-Groups that can be assigned to users to manage their internet access. A user can be a member of multiple groups. I can create multiple authentication rules, each of them having different Web Filter policies.
Authentication Rule 1: group A - Webfilter Profile A (full access)
Authentication Rule 2: group B - Webfilter Profile B (allow test.de)
Authentication Rule 3: group C - Webfilter Profile C (allow testing.de)
Authentication Rule 4: group D (normal user) - Webfilter Profile D (restricted access (deny test.de + deny testing.de + allow fortinet.com))
If a user is in group A and group D, only Authentication Rule 1 is used. If a user is only in group D, only Authentication Rule 4 is used.
What happens, if a user is in group B and D? Will he have access to *.test.de and additionally the sites listed in Webfilter Profile D? Or will he only have access to test.de?
I hope everything was understandable...