certificate server on 2003 - advice on type selection
From: andy smart (anonymus_at_discussions.microsoft.com)
Date: 10/11/04
- Next message: robw2k7399: "Strange access attempt"
- Previous message: Marina Roos [SBS-MVP]: "Re: ISA not loading new packet filters"
- Next in thread: Miha Pihler: "Re: certificate server on 2003 - advice on type selection"
- Reply: Miha Pihler: "Re: certificate server on 2003 - advice on type selection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 10 Oct 2004 23:23:14 +0100
Hi
We're in the process of rolling out VPN access to our network, using
hardware which we were kindly donated. One of the authorisation methods
our hardware will accept is digital certificates. I think this is likely
to be the way to go, for ease of user management as much as anything in
that I can time-limit them (we will want to provide access for short
periods of time only).
I've been reading the MS documentation and I'm not sure if I want to
include the CA server in my domain or not. One of the things that the
docs suggest is that the 'advantage' of this is the it is easy to issue
certificates autmomatically - I actually want to have very tight control
over the people to whom we issue them.
I'd be interested in hearing people's thoughts as to the best practice here.
tia
andy
- application/pgp-signature attachment: OpenPGP digital signature
- Next message: robw2k7399: "Strange access attempt"
- Previous message: Marina Roos [SBS-MVP]: "Re: ISA not loading new packet filters"
- Next in thread: Miha Pihler: "Re: certificate server on 2003 - advice on type selection"
- Reply: Miha Pihler: "Re: certificate server on 2003 - advice on type selection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
