[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Remote access through FW-1
Thanks Mike, Initially around 20 users, afterwards about 150 users. When the user goes to the URL of the OWA on the Web server after putting in the alias, the NT OS login screen pops up to access the mailbox, which is internal. I am running SSL and https on the Web server for OWA. Right now encryption is not a major importance just authentication through the firewall before access OWA. Thanks, Crystal -----Original Message----- From: Mike Glassman - Admin [mailto:[email protected]] Sent: Wednesday, June 20, 2001 9:47 AM To: '[email protected]'; [email protected] Subject: RE: [FW1] Remote access through FW-1 Crystal, This really depends on how many users you have. What sort of authentication are you asking for at the moment ? (If any). What I mean is, do your users get the NT-OS login screen popup when they try to access their mailboxes ? If you have a smallish group of users, you can define them in the FireWall and use Client Authentication when they try to access the OWA server, that way they will have an additional username and password to enter. Of course, there are drawbacks to this, the first being that the more users you have the harder to manage it becomes, and the second being that the moment your users start having multiple usernames and passwords, chances are they will start writing it down somewhere - which does go against the whole idea. The other option is as you say, to use SR on the Laptops and WS's, and add the OWA server to your secured servers list, and thus have all communication between the Laptop/WS be encrypted. Again, this setup will force you to define all the users as per the first suggestion. So your options as far as I see it, would be to either use SR for encryption, or use User Auth without encryption. Oh yes, there's also the option of using SSL and https instead of http access. Someone else might think of other ideas. Mike > -----Original Message----- > From: [email protected] [SMTP:[email protected]] > Sent: â éåðé 19 2001 14:45 > To: [email protected] > Subject: [FW1] Remote access through FW-1 > > We are allowing our users to access the MS Outlook WebAccess on our DMZ. > Management would like additional authentication before access the web > server. > How could I use FW-1 to perform this. Could I use the client > authentication > to create users or groups or do I have to have the clients use > SecureRemote > from there home pc's or laptops to do this? > > Thank you, > > Crystal Al-Shatti > Enterprise Network Security > Gulf Investment Corporation, Kuwait > [email protected] << File: InterScan_Disclaimer.txt >> "This message is intended for the use of the individual or entity to which it is addressed and may contain information that is protected by copyright, is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, please return this message to the sender at the email address of the sender and destroy any copies of the message you may have. Please note the electronic communications may not be secure and therefore Gulf Investment Corporation does not accept legal responsibility for the contents of this message."
|