Security Basics mailing list archives

RE: AD Aware Firewall/Proxy device

From: "Jeff Britton, Monitored Security" <jeff.britton () monitoredsecurity com>
Date: Mon, 27 Feb 2006 15:48:04 -0000

I've had very positive experiences with the Surfcontrol product on top of ISA.  This allows you to block/allow Internet 
access on all types of levels (AD groups, specific AD users and by IP address as well.)  The cost could be a problem, 
but from what I see, meets every one of your needs.

www.surfcontrol.com

Jeff

-----Original Message-----
From: Steveb () tshore com [mailto:Steveb () tshore com]
Sent: Saturday, February 25, 2006 11:30 AM
To: security-basics () securityfocus com
Subject: AD Aware Firewall/Proxy device


Hi all,

We are primarily a Windows and Mac shop.  We're currently running
Microsoft's ISA server 2000 in a Windows 2000 AD environment.  While
other firewalls are in place at the parameter to control incoming
traffic, we use the ISA server to control user access to the web.  

The one thing that I like about the ISA server is that it integrates
with Active directory to allow per user access to the Internet.  What I
don't like about it, though, is it's lack of manageability and reporting
without third party tools (that further bloat an already over-bloated
product).  

Can anyone suggest a lightweight, yet powerful firewall device that will
allow us to control employee access to the internet based upon AD
username, machine IP address, and destination websites?  I know that
there are a bunch out there but I've come to trust many of you here and
I'd love to hear your experiences and opinions.

Thank you,

Steve Bostedor
Bozteck President
http://www.vncscan.com


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

AD Aware Firewall/Proxy device Steveb (Feb 27)
- Re: AD Aware Firewall/Proxy device William Starling (Feb 28)
- Re: AD Aware Firewall/Proxy device Joe Hood (Feb 28)
- <Possible follow-ups>
- RE: AD Aware Firewall/Proxy device Jeff Britton, Monitored Security (Feb 27)
- RE: AD Aware Firewall/Proxy device Steven Jones (Feb 28)
- RE: AD Aware Firewall/Proxy device Steveb (Feb 28)