[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Remote access through FW-1
Crystal, This really depends on how many users you have. What sort of authentication are you asking for at the moment ? (If any). What I mean is, do your users get the NT-OS login screen popup when they try to access their mailboxes ? If you have a smallish group of users, you can define them in the FireWall and use Client Authentication when they try to access the OWA server, that way they will have an additional username and password to enter. Of course, there are drawbacks to this, the first being that the more users you have the harder to manage it becomes, and the second being that the moment your users start having multiple usernames and passwords, chances are they will start writing it down somewhere - which does go against the whole idea. The other option is as you say, to use SR on the Laptops and WS's, and add the OWA server to your secured servers list, and thus have all communication between the Laptop/WS be encrypted. Again, this setup will force you to define all the users as per the first suggestion. So your options as far as I see it, would be to either use SR for encryption, or use User Auth without encryption. Oh yes, there's also the option of using SSL and https instead of http access. Someone else might think of other ideas. Mike > -----Original Message----- > From: [email protected] [SMTP:[email protected]] > Sent: â éåðé 19 2001 14:45 > To: [email protected] > Subject: [FW1] Remote access through FW-1 > > We are allowing our users to access the MS Outlook WebAccess on our DMZ. > Management would like additional authentication before access the web > server. > How could I use FW-1 to perform this. Could I use the client > authentication > to create users or groups or do I have to have the clients use > SecureRemote > from there home pc's or laptops to do this? > > Thank you, > > Crystal Al-Shatti > Enterprise Network Security > Gulf Investment Corporation, Kuwait > [email protected] << File: InterScan_Disclaimer.txt >> ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|