Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SecurID externally, no SecurID internally?

To: "'[email protected]'" <[email protected]>
Subject: RE: [FW1] SecurID externally, no SecurID internally?
From: Geoffrey Moon <[email protected]>
Date: Fri, 23 Feb 2001 12:09:21 -0500
Cc: [email protected]
Sender: [email protected]

Right Ian, that's what we're doing now. The problem is that you them have to
issue a SecurID token to anyone who uses that server, including internal
users. That gets expensive quickly, and I really only need the additional
security for users connecting from machines and locations out of our
control. That's why I'm interested in the
internal->password/external->SecurID solution.

What I'm looking for is a way to get the client to handle the SecurID
challenge without using Securemote. It almost seems impossible since the
Citrix client has no knowledge of SecurID, so you'd have to run *something*
on the client side to handle the authentication prior to ICA coming up. What
that *something* is I don't know.

Geoff

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Friday, February 23, 2001 12:05 PM
To: [email protected]
Cc: [email protected]
Subject: RE: [FW1] SecurID externally, no SecurID internally?


Hi Geoff

The ACE/Agent for Windows NT/2000 runs on the Citrix MetaFrame Server.  Upon
logon to the MetaFrame Server, the user is challenged by both MetaFrame
Security and SecurID passcode Security.  There are installation papers for
both NT and Win2K on the citrix site - go to the Solution Knowledge base and
search on SecurID.  

In a Citrix environment, I find this a better alternative to using a VPN
Client.


Ian Watson

-----Original Message-----
From: Geoffrey Moon [mailto:[email protected]]
Sent: Friday, February 23, 2001 6:05 AM
To: [email protected]
Subject: [FW1] SecurID externally, no SecurID internally?



Anyone know of a way to require SecurID access to a server when the client
(Citrix ICA) is outside the firewall, and allow access to that same server
without using SecurID when the client is behind the firewall? Is it as
simple as setting up an auth rule on the firewall, or do I have to use
Securemote and hybrid auth to make this work? I'm trying to avoid Securemote
since the ICA session is already encrypted.

Geoff


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Re: Nokia vs NT (and solaris, just for kicks)
Next by Date: RE: [FW1] SecurID externally, no SecurID internally?
Previous by thread: [FW1] SecurID externally, no SecurID internally?
Next by thread: RE: [FW1] SecurID externally, no SecurID internally?
Index(es):
- Date
- Thread