Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

AW: Securing Web access from internet

From: Meidinger Chris <chris.meidinger () badenit de>
Date: Thu, 7 Aug 2003 08:48:57 +0100 
I agree, authenticating on the firewall is the best way to go.
checkpoint fw-1 and rsa secureid work great together too for this.

badenIT GmbH
System Support
 
Chris Meidinger
Tullastrasse 70
79108 Freiburg

______________

Es gibt 10 arten von Menschen auf dem Planeten, 
welche die Binär verstehen, und welche die es nicht tun.



-----Ursprüngliche Nachricht-----
Von: David Gillett [mailto:gillettdavid () fhda edu]
Gesendet: Wednesday, August 06, 2003 10:57 PM
An: 'Bob Freeman'; security-basics () securityfocus com
Betreff: RE: Securing Web access from internet


  Years back, I worked on a network where we had a requirement 
like this, which we met by deploying a PIX as gateway with an
attached TACACS+ server.  Clients who telnetted to the gateway
and authenticated against TACACS+ got access to the network
beyond the gateway.
  More recently, I've been using some of the authentication
services offered by CheckPoint's FW-1 firewall and BlueSocket's
"wireless" security box.  I suspect that user authentication
as a firewall feature has become fairly widespread, although
I'm not sure how common on boxes costing less than about $10K.

David Gillett



-----Original Message-----
From: Bob Freeman [mailto:cm94 () hotmail com]
Sent: August 6, 2003 08:58
To: security-basics () securityfocus com
Subject: Securing Web access from internet




Hi everyone,  We have a web application on our LAN (based on 
IIS) and we want to make  this web application available from 
the internet for specific  users/workstation.  1)I want to 
make sure that these users/workstation are authenticated  
BEFORE accessing the local network.  2)I want to make sure 
that the information transiting on the public  network is 
encrypted  3)I would prefer to not have anything to install 
on the remote  workstations (if possible)  4)I don't want a 
VPN solution.  I don't know much about the product I need but 
I suppose it would be a  kind of web relay/authentication 
server installed in our DMZ.   Do you have product to 
propose?  Thanks  Bob Freeman

--------------------------------------------------------------
-------------
--------------------------------------------------------------
--------------



---------------------------------------------------------------------------
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: