Silo supports three types of proxy authentication:

  • Kerberos Authentication
  • NTLM Authentication
  • Basic Authentication

The Kerberos / NTLM authentication is supported at:

  • Normal User Logon using username / password
  • Smart Card Logon using CAC / PIV smart card 


Kerberos and NTLM Authentication - Kerberos is the preferred authentication mechanism for a modern Windows OS and can default back to NTLM if required (more details). In most corporate environments where a proxy is present, this authentication mechanism is standard and transparent to the end user. As an administrator, there is no special configuration that needs to be made for this to work.

Previously, the Windows Client supported the proxy authentication under normal user logon requiring a username and password.

The proxy authentication is expanded for the smart card logon achieving a more secure environment. More here.

Note:If the computer trying to connect to the Silo service is not connected to the domain, the user may be prompted for a domain credential when Silo connects to the proxy. Please see below for additional information.

Basic Authentication - Basic Authentication requires a simple username and password for authentication. Because the username and password may be sent in clear text, it is not considered to be a secure way to authenticate to a proxy. More here.

Additional Notes

If a user is prompted for a credential when connecting to the proxy, Silo will use the built-in Windows Credential Manager to pass these credentials to the proxy.  This usually gives the user the option to save the credential. So if a proxy credential has been added and saved for browsing on a local browser, this will be available for Silo to use. Also, if a credential is added and saved when launching Silo, it will also be available to other applications on the computer, which use the Windows Credential Manager.

Please contact Support if you have any additional questions or concerns.