| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Anyone out there using Session Auth agent ?
Hi,
I am tossing up a few ideas and one of them uses the session auth
agent as a low cost of ownership authentication mechanism for remote sites
which are not considered 100% trusted.
These sites have an IKE tunnel back to a regional corporate Firewall-1, but
the sites are not necessarily secure themselves or they have people from
other organisations sitting on the same segment. I thought that the
session auth agent might provide a simple authentication mechanism for
anyone wanting to access any recources outside of the site through the
tunnel. The session auth rule would be applied to the remote firewall and
once authenticated they would have access to go further than the local LAN.
Another idea was to give everyone Securemote but it is a much more
intrusive application and costs more to maintain.
Anyone tried a Securemote session to a remote firewall to deal with local
authorisation, and then let the traffic pass from the remote firewall via
the tunnel to the corporate LAN ?
Any other ideas, to provide a practical solution to people on remote
untrusted LAN's (where there is no control of switch port allocations etc)
Mark
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
