Security Basics mailing list archives
Re: FW: Something new?
From: "crawford charles" <biv0uac17 () hotmail com>
Date: Wed, 23 Apr 2003 15:22:42 +0000
Sounds like you want the workstations to be connected through switches which"participate" in the authentication process, to the extent that the switch won't allow the workstation to connect to anything (other than the authentication device)
until authentication is complete... I think Cisco has something along those lines, as do some others.http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a008007f395.html
viz: http://www.toplayer.com/content/products/others/secure_edge.jsp C.
From: Steve S [mailto:jbodisks () yahoo com] Sent: Tuesday, April 22, 2003 11:12 AM To: security-basics () securityfocus com Subject: Re: Something new? Thanks for the responses so far but I need to clarify that this would be for users accessing NT/2000 servers from inside the company not users connecting from over the internet. The user is physically inside the company sitting at a workstation. They would have one point of entry only. Typical setup - user authenticates to DC Internet -- Firewall -- Servers -- Users Proposed setup - gateway authenticates user to DC ??? = gateway/authentication server Internet -- Firewall -- Servers -- ??? -- Users --- Steve S <jbodisks () yahoo com> wrote: > Trying to figure out if anyone has seen or heard of > some type of gateway or method for setting up an OS > to > be a gateway to authenticate all users before they > have access into a NT/2000 network. The thinking > behind this would be the end-user would only be able > to connect to the internal network through this > gateway (i.e. access to all servers and associated > ports on the internal network would be blocked until > authentication occurred and then you would be > restricted by your personal access level). Looking > to > expose only a single point internally instead of a > myriad of servers.
_________________________________________________________________MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
---------------------------------------------------------------------------Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- Re: Something new?, (continued)
- Re: Something new? Juan Carlos (Apr 23)
- RE: Something new? Fred Dirkse - OIC Group, Inc. (Apr 24)
- Re: Something new? qtrang (Apr 22)
- RE: Something new? Cabrera, Nestor (Contractor) (Apr 22)
- RE: Something new? Trevor Cushen (Apr 22)
- Re: Something new? Steve S (Apr 22)
- RE: Something new? Gwydion Mine (Apr 22)
- RE: Something new? Trevor Cushen (Apr 22)
- Re: Something new? James Lee Gromoll (Apr 23)
- RE: Something new? Trevor Cushen (Apr 23)
- Re: FW: Something new? crawford charles (Apr 23)
- Re: Something new? Juan Carlos (Apr 23)