Firewall Wizards mailing list archives
Re: Firewalls acting as access controllers
From: Chris Buechler <cbuechler () gmail com>
Date: Wed, 25 May 2005 20:12:23 -0400
On 5/25/05, Green Horn <teachgreenhorn () yahoo com> wrote:
Do firewalls provide dynamically defined access control i.e., can they act as access controllers. e.g., it should be able to do the following, a user tries to access a resource, the packets would come to the firewall, if they are HTTP packets and the user is new (from IP address not being in the authenticated list), the packets would be redirected to a webproxy, the webproxy tries to get the user authenticated by a AAA server (say RADIUS), the firewall would get an authorization message from the AAA server (or webproxy), saying the time the user must be allowed access, the resources he can access etc. The firewall would provide that access.
Some firewalls can certainly provide access like that or similar. I don't know about Check Point in particular. m0n0wall (http://m0n0.ch/wall/), an open source firewall project, has captive portal functionality that you can use to force users to be authenticated over HTTPS to a RADIUS server before being able to get to the internet. It's not quite as granular as you describe, but very similar. I'm sure some commercial products offer that functionality. -Chris _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Firewalls acting as access controllers Green Horn (May 25)
- Re: Firewalls acting as access controllers Ramesh Krishnan (May 30)
- Re: Firewalls acting as access controllers Kevin (May 30)
- Re: Firewalls acting as access controllers Chris Buechler (May 30)
- Re: Firewalls acting as access controllers Magosányi Árpád (May 30)
- RE: Firewalls acting as access controllers Paul Melson (May 30)