Hi,
I found the same problem with WSA 370. You may use the following workarounds, just verify the one that best suits your network.
- Use COOKIE surrogate instead of IP surrogate, that way a browser will use different authentication surrogate than the machine.
- Place the computer names in the corresponding AD groups (you will be granting access to the machine, not the user)
- Machine authentication is used to achieve network connectivity before a user logs in, in this case, you can create a custom category with the URLs that a machine usually connects to before authenticating the user, like windows update, watson, antivirus updates. Create an identity with authentication exception for those URLs.
- With windows Vista and 7 microsoft introduced a new feature, where the machine name is sent when you change your network connection (turn on wireless). This can be disabled with a registry key change. This is documented by IronPort on Knowledge Base answer Id 1713, find more information on: http://technet.microsoft.com/en-us/library/cc766017(WS.10).aspx
- Do not allow machine authentication in your network
This problem has been a headache for me, but I have been able to use a couple of workarounda and now it works fine.
Hope this helps,