Why would you put your firewall into the same authentication domain as
Maybe I'm missing something, but that seems like you're putting an awful
lot of trust in the NT security model.
Actually, its possible to establish a trust relationship between two
seperate NT domains such that attempts to log onto the Firewall Domain
would be validated against an internal Administrative Domain, but accounts
on the Firewall Domain would not be permitted to log into the
So even if the Firewall were compromised, none of its accounts would be
permitted to access the resources protected internally by the
Administrative Domain security, and remember, neither the user ID or the
password are transmitted across the network between the two.