Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

NTLM Agent Authentication

NTLM Agent authentication uses a separate software product, known as the NTLM Agent, for authenticating users on Web Gateway.

This authentication methods is an option, for example, when the connection between Web Gateway and the domain controller that is involved in the authentication process is blocked by a firewall. The NTLM Agent only requires a single freely definable port to be opened for connecting to the domain controller.

Configure settings for the NTLM Agent

The NTLM Agent is installed on one or several WIndows systems in your network. On these systems, it runs as a service that performs its authentication tasks in the background.

This service can, however, not be accessed at the system desktop. After the NTLM Agent has been installed on a system, it is therefore available as an application, which can be accessed in a directory of that system. This directory is usually the program files directory.

When the application is accessed, it opens a configuration window at the system desktop, which allows you to configure settings for the NTLM Agent.

The NTML Agent service and its application communicate with each other, so the configuration settings that you implement using the application are applied to the service.

In addition to configuring settings using the configuration window of the NTML Agent, you must also configure NTLM Agent settings on the user interface of Web Gateway.

Configure NTLM Agent authentication

Configure NTLM Agent authentication both in the user interface of Web Gateway and the configuration window of the NTLM Agent.

  1. Download and install the NTLM Agent software.
    1. Go to the Cloud & Content Security portal at
    2. Navigate to Products > Web Gateway 6 > Downloads > Tools.
    3. In the NTLM Agent section, click the .exe icon.
    4. Follow the instructions of the installation program.
  2. Configure the settings that are provided by the NTLM Agent.
    1. After the NTLM Agent software has been installed on a system in your network, navigate to the NTLMAgent.exe file in the directory where the software was installed.
      The path to this file might be, for example, C:\\Program Files\Secure Computing\NTLMAgent.
    2. Click the .exe file
      A menu with basic options for working with the NTLM Agent opens.
    3. Click Configure.
      The NTLM Agent configuration window opens.
    4. Use the NTLM Agent window to configure the NTLM Agent settings.
  3. Configure the settings that are provided on the user interface of Web Gateway.
    1. Select Policy > Settings.
    2. On the settings tree, expand Authentication and click one of the settings, for example, the User Database settings.
      The settings appear in the configuration pane.
    3. From the list under Authentication methods, select NTLM Agent.
      The NTLM Agent Specific Parameters section appears below the Common Authentication Parameters section.
    4. Work with the options of this section to configure NTLM Agent settings.
  • Was this article helpful?