NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Remote access through FW-1



Thanks Mike,

Initially around 20 users, afterwards about 150 users. When the user goes to
the URL of the OWA on the Web server after putting in the alias, the NT OS
login screen pops up to access the mailbox, which is internal. I am running
SSL and https on the Web server for OWA. Right now encryption is not a major
importance just authentication through the firewall before access OWA.

Thanks,

Crystal

 -----Original Message-----
From: 	Mike Glassman - Admin [mailto:[email protected]] 
Sent:	Wednesday, June 20, 2001 9:47 AM
To:	'[email protected]'; [email protected]
Subject:	RE: [FW1] Remote access through FW-1

Crystal,

This really depends on how many users you have.

What sort of authentication are you asking for at the moment ? (If any).
What I mean is, do your users get the NT-OS login screen popup when they try
to access their mailboxes ?

If you have a smallish group of users, you can define them in the FireWall
and use Client Authentication when they try to access the OWA server, that
way they will have an additional username and password to enter. Of course,
there are drawbacks to this, the first being that the more users you have
the harder to manage it becomes, and the second being that the moment your
users start having multiple usernames and passwords, chances are they will
start writing it down somewhere - which does go against the whole idea.

The other option is as you say, to use SR on the Laptops and WS's, and add
the OWA server to your secured servers list, and thus have all communication
between the Laptop/WS be encrypted. Again, this setup will force you to
define all the users as per the first suggestion.

So your options as far as I see it, would be to either use SR for
encryption, or use User Auth without encryption.

Oh yes, there's also the option of using SSL and https instead of http
access.

Someone else might think of other ideas.

Mike

> -----Original Message-----
> From:	[email protected] [SMTP:[email protected]]
> Sent:	â éåðé 19 2001 14:45
> To:	[email protected]
> Subject:	[FW1] Remote access through FW-1
> 
> We are allowing our users to access the MS Outlook WebAccess on our DMZ.
> Management would like additional authentication before access the web
> server.
> How could I use FW-1 to perform this. Could I use the client
> authentication
> to create users or groups or do I have to have the clients use
> SecureRemote
> from there home pc's or laptops to do this?
> 
> Thank you,
> 
> Crystal Al-Shatti
> Enterprise Network Security
> Gulf Investment Corporation, Kuwait
> [email protected] << File: InterScan_Disclaimer.txt >> 
 "This message is intended for the use of the individual or entity to which it is addressed
and may contain information that is protected by copyright, is privileged, confidential and
exempt from disclosure under applicable law. If the reader of this message is not the
intended recipient, please return this message to the sender at the email address of the
sender and destroy any copies of the message you may have. Please note the electronic
communications may not be secure and therefore Gulf Investment Corporation does
not accept legal responsibility for the contents of this message."


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.