@BPry wrote: @Brandon_Wertz, I'm personally not really a fan of domain credential filter as it would only detect when a user is submitting both a valid username and password and that the user logged into the source-ip matches those credentials. My thought process on this method is that I would rather know if any valid user-id is being submitted, regardless if the password is valid or if it matches the mapped source-user. You can do either type deployment...The more broad deployment will block known IP to known user ID without regard for a valid password. The reason for not blocking this is you can't necessarily control if a user, however stupidly, decides to user their domain user ID for some Internet based hosted service. At my company a lot of people user this ID for company driven cloud/Internet based services. (We're in the process of whitelisting these sites.) I actually like the "domain credential filter" because it's less intrusive and is more specific to what we're trying to block. However the idiocrincies to get this to work makes it really difficult to get deployed.
... View more