| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Transparent User Auth?
- To: [email protected]
- Subject: Re: [FW-1] Transparent User Auth?
- From: Frank Darden <[email protected]>
- Date: Tue, 25 Feb 2003 21:17:42 -0500
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcLdJ7Y++ds4EYIASX2I9rFsGCN7VAAFMkrw
- Thread-topic: [FW-1] Transparent User Auth?
The Metaip UAM/UAT integration no longer exists. It has been superceded by a product called "UserAuthority" UserAuthority works independent of any DHCP server. It works quite well. Here is a description of one of the implementations I did
http://search.checkpoint.com/search/?sp-a=sp090e5c03&sp-q=slimfast and here is a link for more info on UserAuthority http://www.checkpoint.com/products/manage/userauthority.html
Frank Darden
Chief Technology Officer
Mission Critical Systems
http://www.locked.com
-----Original Message-----
From: Hamilton, Kent [mailto:[email protected]]
Sent: Tuesday, February 25, 2003 5:34 PM
To: [email protected]
Subject: Re: [FW-1] Transparent User Auth?
Does the MetaIP integration with FW-1 still work? We have 5.1 of it here
and nowhere in the docs is it mentioned anymore. Of course I never got it to
work correctly when I last tried it a couple years ago.
--
Kent Hamilton [email protected]
Manager - Systems & Networking
Hunter Engineering Company
> -----Original Message-----
> From: Lars Troen [mailto:[email protected]]
> Sent: Tuesday, February 25, 2003 2:18 PM
> To: [email protected]
> Subject: Re: [FW-1] Transparent User Auth?
>
>
> It's possible to do this, but you need an addon, but it's not
> exactly a third party addon as it's Checkpoint software,
> namely MetaIP.
>
> Other and cheaper ways of solving this particular problem
> would be to use a proxy server that could utilise transparent
> user authentication. Both MS Proxy/ISA Server and Squid (with
> compiled in addons for AD and SMB) could do this.
>
> The simplest way would however be to restrict the access of
> the computers these users are using from accessing the
> internet. This could be done by assigning predefined ip
> addresses to these computers that would have a blocked access
> rule on the firewall or you I guess you could do it with some
> creative use of group policies.
>
> Lars
>
>
> -----Original Message-----
> From: Hamilton, Kent [mailto:[email protected]]
> Sent: Tue 25-Feb-03 7:18 PM
> To: [email protected]
> Cc:
> Subject: [FW-1] Transparent User Auth?
>
>
>
> We use FW-1 NG SP2 on Secure Platform with mixed NT
> domains and Active
> Directory (Migrating to AD only).
> I've been asked to block specific users from browsing
> the web without
> forcing them to log in manually through the firewall.
> Is that possible
> without third party add-on's?
>
> I asked our vendor last week and haven't gotten an answer.
>
> Any help/suggestions appreciated.
>
> --
> Kent Hamilton <Khamilton(at)Hunter.COM>
> Manager - Systems & Networking
> Hunter Engineering Company
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
>
> N j 9I~' k) z 6Özf
> !$æ elè!yæ))rÉ^ æØayæVvÇ
> fj)b b N ry bèf)+-äW zæ^{--Êjæm > $à&æÇ' Xà f ZÆØ'ì-Zè
> *mÈÇj)_Z0ä
> ^rJh {\
>
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
