Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Meta IP - integration with fw-1

To: [email protected]
Subject: Re: [FW1] Meta IP - integration with fw-1
From: Layne Meier <[email protected]>
Date: Tue, 24 Apr 2001 07:32:15 -0400
Cc: [email protected]
Organization: Atlanta Journal-Constitution
References: <[email protected]>
Reply-to: [email protected]
Sender: [email protected]

As far as I am aware, the integration of MetaIP to Firewall-1 is strictly for
logging purposes.  (DNS not DHCP)  Normally, Firewall-1 logs the IP Addresses of
inbound and outbound transactions.  Integrating the dynamic DNS with DHCP will
allow your users' system names to be logged to the Firewall-1 logs instead of just
their IP Addresses.

What you can do is use the DHCP system to make sure those users continually get an
IP Address that would prevent them from getting to the Internet.  You would give
them a permanent reservation in DHCP, then you would need to create a couple of
rules in your ruleset that would restrict both inbound and outbound access to the
firewall to the IP ranges defined by your DHCP system.  Then, also, their system
names via the dynamic DNS would be written to the Firewall logs and you could watch
them try to gain access to the Internet only to be rejected.  However, unless you
have specific rules in place governing system management (ie; they could lose their
jobs if they were to manually change their IP Address to an address that has
Internet access).

Best regards,
Layne Meier
Network/Internet Analyst
Atlanta Newspapers

Lior Arbel wrote:

> Hello All
> I have Meta ip Newbe Question !!!
>
> I need help about intagretion of Meta ip with Fw-1
> i have DHCP and i want to block some users from access
> to the Internet.
> i have 300 users and want to block  about 100 users
> and i am thinking of buying meta ip , i have
> checkpoint 4.1 sp3 unlimited.
> do i need to configure on fw-1 all the 300 users or
> the 100 users for the blocking or i can get the user
> list from the Meta IP
>
> Best Regards
> Lior Arbel
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great prices
> http://auctions.yahoo.com/
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================

================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Meta IP - integration with fw-1
  - From: Lior Arbel <[email protected]>

Prev by Date: Re: [FW1] Re-Routing VPN Traffic
Next by Date: AW: [FW1] Securemote
Previous by thread: [FW1] Meta IP - integration with fw-1
Next by thread: RE: [FW1] Meta IP - integration with fw-1
Index(es):
- Date
- Thread