Several protocols support secure traffic acceleration. When enabling secure traffic optimization, you must choose an authentication method: NTLM or Kerberos. SteelHead, handles end-to-end authentication between the client-side and server-side appliances, as well as between the server-side appliance and the Windows domain controller.

By default, this feature is disabled. It needs to be configured on both the client-side and server-side appliances, and a service restart is required.

NTLM authentication has two modes: transparent and delegation. Transparent mode optimizes signed or encrypted packets with transparent authentication. Delegation mode re-signs packets using Kerberos delegation. NTML authentication supports all Windows clients and servers with NTLM enabled. If you choose this mode, you must join the server-side SteelHead to the Windows domain.