I am interested in hearing from people who have implemented user-based AAA for internal access to a secure data center or similar deployment. I've listed the methods I am familiar with:

1) Dynamic ACLs (Cisco Lock-and-key, Checkpoint client/session auth)
   Basically a one-time user authentication which opens a dynamic hole from the user's machine.

2) Application Proxying
   Firewall intercepts specific applications, authenticates user, then stitches connection through to server. Limited to small set of apps like FTP, HTTP(s), and telnet.

3) 802.1x
   Very new, but recently made available on Microsoft O/S's for both WLAN and LAN. Is anyone looking at this?

4) IPSec VPN
   Very strong, offers privacy, but typically only used for external access.

Others?

Thanks
Eric Bomarsi
