|
Bill,
This sounds like a nice application for the
Intrusion firewall appliance. The device is a low cost network appliance that is
installed in your remote locations between the router and remote LAN. The
Intrusion device runs a SOHO version of Checkpoint Firewall-1/VPN-1 and is
listed for around $1500.00. Here is a link to their site http://www.intrusion.com . I am using two of
these boxes and they work great as remote managed firewalls or stand alone
management consoles. The device has a proprietary version of Linux that it runs
as its operating system and Checkpoint software is already installed. You
can run an IPSec firewall at the home office and use SecuRemote to be able to
accomodate the remote laptops. If the remote laptops lack access to an ISP then
you could dial into a RAS device and then connect through the firewalls from the
connections made at the RAS server. You can use RADIUS and/or LDAP and
authenticate users from your Windows NT or Windows 2000 domain controllers as
well. You can also employ token access devices like the SecurID card for better
security on the remote laptops (if a laptop is stolen, the thief would not know
the passcodes .. etc.).
This solution would accomodate your need to provide
IP services to remote sites and remote laptops while maintaining security
through the firewalls at each location. Exchange, SQL, file sharing would
all be tunneled to the remote sites through the Intrusion devices and the main
firewall at the home office.
Just my .02 worth.
Lance
|
- Request for directions Bill C
- Lance Ecklesdafer
