StarWind supports the Challenge-Handshake Authentication Protocol (CHAP) for authentication of users. Challenge Handshake Authentication
Protocol is a type of authentication in which the authentication agent (typically a network server) sends the client program a random value that is used only once and an ID value. Both the sender and peer share a predefined secret. The peer concatenates the random value (or nonce), the ID and the secret and calculates a one-way hash using MD5. The hash value is sent to the authenticator, which in turn builds that same string on its side, calculates the MD5 sum itself and compares the result with the value received from the peer. If the values match, the peer is authenticated. By transmitting only the hash, the secret can't be reverse-engineered. The ID value is increased with each CHAP dialogue to protect against replay attacks.
You can limit access to all server targets at once or set permissions for each targets separately. If you want limit access to certain targets only and remain other targets shared for all, you need to set permissions for those targets only. Otherwise you may limit access for all targets by setting permissions for connection.
Also you can use one-side authentication or mutual authentication.
