RE: [fw-wiz] Firewalls acting as access controllers

• Previous message: Magosányi Árpád: "Re: [fw-wiz] Firewalls acting as access controllers"
• In reply to: Green Horn: "[fw-wiz] Firewalls acting as access controllers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Green Horn'" <teachgreenhorn@yahoo.com>, <firewall-wizards@honor.icsalabs.com>
Date: Thu, 26 May 2005 12:01:51 -0400

Yes, Check Point can do this in a variety of ways using authentication
rules. What you are asking for sounds like 'partially-automatic client
authentication'. More info here:
http://www.phoneboy.com/bin/view.pl/FAQs/AuthenticationFAQs

Several other common firewalls can do this, also. Cisco's PIX comes to
mind, as well.

PaulM

-----Original Message-----
Subject: [fw-wiz] Firewalls acting as access controllers

Hi,
 I am new to firewalls.
Do firewalls provide dynamically defined access control i.e., can they act
as access controllers.
e.g., it should be able to do the following, a user tries to access a
resource, the packets would come to the firewall, if they are HTTP packets
and the user is new (from IP address not being in the authenticated list),
the packets would be redirected to a webproxy, the webproxy tries to get the
user authenticated by a AAA server (say RADIUS), the firewall would get an
authorization message from the AAA server (or webproxy), saying the time the
user must be allowed access, the resources he can access etc.
The firewall would provide that access.

Can this be done by the firewalls in the market such as Checkpoint
firewall-1

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Magosányi Árpád: "Re: [fw-wiz] Firewalls acting as access controllers"
• In reply to: Green Horn: "[fw-wiz] Firewalls acting as access controllers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]