[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] question about VPN infrastructure.
Another solution to control what the home PC:s are able to communicate to is to use CP SecureClient instead of SecuRemote. When the home PC:s connect via VPN then the FW1 push a policy to that PC. But then you have to purchase a license for that. Regards Johan ----- Original Message ----- From: "Thomas Nilsen" <[email protected]> To: <[email protected]> Sent: Friday, January 12, 2001 2:48 PM Subject: RE: [FW1] question about VPN infrastructure. > > The VPN connection to the users are not a problem. SecuRemote works fine for > this type of connectivity. > > You will on the other hand have a problem restricting internet access on > these PC's. If you have complete controll of how the PCs are set up, you > could force them to use a proxy service for their browser, provided you have > some form of proxy server on the inside of your FW. This means locking down > Windows as well to make sure they cannot change any settings on the PC. > > On point 4, the best protection is probably to use upto date antivirus > products, as well as a personal firewall like ZoneAlarm. > > Regards, Thomas > > -----Original Message----- > From: Langa Kentane [mailto:[email protected]] > Sent: Friday, January 12, 2001 12:44 PM > To: Firewall-1 Mailing List (E-mail) > Subject: [FW1] question about VPN infrastructure. > > > > Greetings. > I don't have much experience with VPN-1 products. I now have a project to > create a VPN infrastructure for our company. > > This is what I need to do: > There are 20 home users that need to be connected to our VPN. > 1. Each user already has a dial up account to a local ISP. > 2. The users must use securemote to connect to our company. > 3. The users are not to be able to do any surfing on the internet unless > it's thru our firewall coz they need to be authenticated and also we > have a websense UFP rule that they must go thru. > 4. Users from the internet must not be able to connect to their machines. > 5. They must be able to connect to our NT domain and our exchange server and > the rest of the shares in the company. > > Can I do this with VPN-1 and if so, where can I find docs that will I can > look at to do the configuration? > > Thanks in advance. > > __________________________________________________________ > Langa Kentane | TEL:> Security Administrator | Cell:> DISCOVERY HEALTH | http://www.discoveryhealth.co.za > __________________________________________________________________ > > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|