Firewall Wizards mailing list archives
Placement of Strong Authentication Servers
From: "Matt McClung, CCSA/CCSE" <mmcclung () ndwcorp com>
Date: Mon, 1 Feb 1999 17:12:31 -0700
I haven't seen a discussion of your Strong Authentication Server on this list yet. I am looking at installing a new Auth Server to provide strong user authentication. My question is just where do you put it? My thought I to have a separate network off the firewall for the server itself and nothing else. The management could be from the internal network and controlled by your FW policy and user authentication. I don't think that you would want that information traversing your internal network so that's why I would suggest the above configuration. This works great if you are only doing Internet/Extranet type authentication, but what do you do when you need to provide the same services for an inside service? Bandwidth, management and security measurements tell me the same configuration works well in most scenarios.... Your comments are welcome... Matt
Current thread:
- Placement of Strong Authentication Servers Matt McClung, CCSA/CCSE (Feb 01)
- Re: Placement of Strong Authentication Servers Adam Shostack (Feb 02)
- Re: Placement of Strong Authentication Servers Paul D. Robertson (Feb 02)
- Re: Placement of Strong Authentication Servers Riccardo Fontana (Feb 04)