If you set up WebTitan as a Transparent Proxy then you can set your default gateway as WebTitan and all outbound web traffic will be filtered by WebTitan. In this set up you can use IP authentication and will need to identify users by IP address.
Another useful tool is the wpad file – you can use the wpad file to auto-configure your browsers to use WebTitan or set your browser’s proxy settings in the Group Policy Object (GPO) of your Windows Server. In this case you can use NTLM authentication and once a user is logged on to their Windows Domain they will be automatically authenticated to use WebTitan.
When browsing are your users occasionally asked to reauthenticate themselves?
This could be a result of not having enough NTLM/LDAP authenticators allocated by your system to handle all the authentication requests you are receiving. A possible solution is to increase the amount of authenticators from the ‘System Setup > Authentication’ tab. 10 is the default amount but for users in the hundreds at least 30 authenticators is recommended.
To complement an increased amount of authenticators you may also consider enabling IP Sessions from this same tab. With IP sessions enabled, once users have authenticated themselves via their username and password, their IP address will be recorded and used for authentication for the remainder of the session, which cuts down on the amount of authenticators required by the system.
It should be noted that using IP Sessions may not be suitable in an environment which uses terminal servers.