Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Firewalls acting as access controllers

From: "Paul Melson" <psmelson () comcast net>
Date: Thu, 26 May 2005 12:01:51 -0400
Yes, Check Point can do this in a variety of ways using authentication
rules.  What you are asking for sounds like 'partially-automatic client
authentication'.  More info here:
http://www.phoneboy.com/bin/view.pl/FAQs/AuthenticationFAQs

Several other common firewalls can do this, also.  Cisco's PIX comes to
mind, as well.

PaulM


-----Original Message-----
Subject: [fw-wiz] Firewalls acting as access controllers

Hi,
 I am new to firewalls. 
Do firewalls provide dynamically defined access control  i.e., can they act
as access controllers.
e.g., it should be able to do the following, a user tries to access a
resource, the packets would come to the firewall, if they are HTTP packets
and the user is new (from IP address not being in the authenticated list),
the packets would be redirected to a webproxy, the webproxy tries to get the
user authenticated by a AAA server (say RADIUS), the firewall would get an
authorization message from the AAA server (or webproxy), saying the time the
user must be allowed access, the resources he can access etc.
The firewall would provide that access.

Can this be done by the firewalls in the market such as Checkpoint
firewall-1

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: