You could also determine the user agent string from access logs on the appliance. Complete these steps:
In the GUI, choose System Administration > Log Subscription > Access logs.
Add %u in the Custom fields.
Submit and commit the changes.
Grep or tail the access logs based on the client IP address.
The user agent string should be located at end of the access log line. Example: In a Chrome browser, you could see the user agent string as Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.X.Y.Z Safari/525.13.)
Configure the WSA to bypass authentication for the user agent strings.
Choose Web Security Manager > Identities. Click Add Identity.
Name: User Agent AuthExempt Identity
Insert Above: Set to order 1
Define Members by Subnet: Blank (or You could also define an IP address range/subnet)
Define Members by Authentication: No Authentication Required
Advanced > User Agents: Click None Selected. Under Custom user Agents, specify the User Agent string.
Choose Web Security Manager > Access Policies. Click Add Policy.
Policy Name: Auth Exemption for User Agents
Insert Above Policy: Set to Order 1
Identity Policy: User Agent AuthExempt Identity
Advanced : None
This configuration should exempt authentication for the specified user agents. The access policies will still filter (based on URL categories) and scan (McAfee, Webroot) traffic as per the access policy setup.