The Anonymous group is used in any situation where a suitable group for the user or device making a web request cannot be identified.
Web Gateway and UTM require most web accesses to be authenticated, and can therefore determine which user groups to use to determine filtering settings and permissions. Additionally, IP networks can be added to groups through the Users and Groups page, which also allows the system to determine which user groups to use. However, there are situations where no user group for a web request can be identified, and in these cases the Anonymous group is used.
Typically, the Anonymous group is used in the following situations:
- Where the system is deciding whether or not to authenticate a client's web request, and the client's IP address isn't part of any IP network defined in the Users and Groups page.
- Where authentication is completely disabled for a web request through an Override, the client's IP address isn't part of any IP network defined in the Users and Groups page and no recent authenticated web requests have been received from the client's IP address
- Where the Windows Domain Controller has authenticated a user, but they do not exist in the Opendium system's user database
In general, we advise not setting up specific filtering for the Anonymous group, and simply allowing it to be inherited from the Everyone group.