[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Anyone out there using Session Auth agent ?
Hi, I am tossing up a few ideas and one of them uses the session auth agent as a low cost of ownership authentication mechanism for remote sites which are not considered 100% trusted. These sites have an IKE tunnel back to a regional corporate Firewall-1, but the sites are not necessarily secure themselves or they have people from other organisations sitting on the same segment. I thought that the session auth agent might provide a simple authentication mechanism for anyone wanting to access any recources outside of the site through the tunnel. The session auth rule would be applied to the remote firewall and once authenticated they would have access to go further than the local LAN. Another idea was to give everyone Securemote but it is a much more intrusive application and costs more to maintain. Anyone tried a Securemote session to a remote firewall to deal with local authorisation, and then let the traffic pass from the remote firewall via the tunnel to the corporate LAN ? Any other ideas, to provide a practical solution to people on remote untrusted LAN's (where there is no control of switch port allocations etc) Mark ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|