Security Basics mailing list archives
RE: AD Aware Firewall/Proxy device
From: "Jeff Britton, Monitored Security" <jeff.britton () monitoredsecurity com>
Date: Mon, 27 Feb 2006 15:48:04 -0000
I've had very positive experiences with the Surfcontrol product on top of ISA. This allows you to block/allow Internet access on all types of levels (AD groups, specific AD users and by IP address as well.) The cost could be a problem, but from what I see, meets every one of your needs. www.surfcontrol.com Jeff -----Original Message----- From: Steveb () tshore com [mailto:Steveb () tshore com] Sent: Saturday, February 25, 2006 11:30 AM To: security-basics () securityfocus com Subject: AD Aware Firewall/Proxy device Hi all, We are primarily a Windows and Mac shop. We're currently running Microsoft's ISA server 2000 in a Windows 2000 AD environment. While other firewalls are in place at the parameter to control incoming traffic, we use the ISA server to control user access to the web. The one thing that I like about the ISA server is that it integrates with Active directory to allow per user access to the Internet. What I don't like about it, though, is it's lack of manageability and reporting without third party tools (that further bloat an already over-bloated product). Can anyone suggest a lightweight, yet powerful firewall device that will allow us to control employee access to the internet based upon AD username, machine IP address, and destination websites? I know that there are a bunch out there but I've come to trust many of you here and I'd love to hear your experiences and opinions. Thank you, Steve Bostedor Bozteck President http://www.vncscan.com --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- AD Aware Firewall/Proxy device Steveb (Feb 27)
- Re: AD Aware Firewall/Proxy device William Starling (Feb 28)
- Re: AD Aware Firewall/Proxy device Joe Hood (Feb 28)
- <Possible follow-ups>
- RE: AD Aware Firewall/Proxy device Jeff Britton, Monitored Security (Feb 27)
- RE: AD Aware Firewall/Proxy device Steven Jones (Feb 28)
- RE: AD Aware Firewall/Proxy device Steveb (Feb 28)