Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: authentication
From: "Shaul Efraim" <shaul_efraim () hotmail com>
Date: Sun, 13 May 2001 15:29:21 +0200

Hi Art,

The scenario as you have described it is not so clear.

You can accomodate different authentication schemes with the software
you already have in hand.
Client Authentication allows to authenticate end nodes by username and
password and then authorize those to a specific application running on a
specific host in your corporate network. You can enhance that to include
encryption (SSL) or even enhance that enhancemnet by using Check Point
SecuRemote client software that ships for no additional cost with FireWall-1 /
VPN-1.

FW-1/VPN-1 4.1 allows to integrate additional Check Point product called
UserAuthority which can easily provide your end users / customers with single
sign-on capabilities (eliminate the application extra authorization challenge).

Please contact me if you have additional questions.

Shaul.



----- Original Message -----
From: "Art MacLaren" <art_maclaren () hotmail com>
To: <firewall-wizards () nfr com>
Sent: Friday, May 11, 2001 9:36 PM
Subject: [fw-wiz] authentication



We have hundreds of small sites connected to our corporate office via a
private WAN. We want to connect dozens of suppliers to the small sites. To
avoid the cost of purchasing and managing a firewall for each small site,
we'd like to connect the suppliers to a Checkpoint firewall in a DMZ that
corporate will maintain. For now, only private connections to the DMZ will
be allowed, not direct internet connections.

Since different suppliers need to connect to different applications at
different sets of sites, a lot of firewall rules will be needed, and the
complexity could cause a lot of trouble. Does the marketplace offer
commercial products to authenticate users at the firewall and to authorize
them to access different platforms at those sites? We have no control over
the hardware and software at the supplier and customer sites, so a
multi-platform approach is vital.

Thanks!



_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]