According to Martin_Khoo/SIN/Lotus @
lotus .
com
> Alternatively, you can look at SecurID tokens from Security Dynamics. FW-1
> supports SecurID as one of the mode of user authentication. SecurID
> authentication is client/server based ; the server (ACE server) can be
> running on the same machine as the firewall or it can be on another
> machine.
> Web site : http://www.securid.com
Until Security Dynamics implement a distributed server (they may well
have by now), their solution doesn't scale and multiple master/slaves
are required for large organisations (you can only have a single master and
slave for an entire network - I believe).
Running multiple masters allows for spoofing ...
Steve
--
home steve @
gbnet .
org * Flat 2, 43 Howitt Road, Belsize Pk, London NW3 4LU
work steve @
demon .
net * tel +44-(0)171 483 1169 FAX +44-(0)181 444 6103
www http://www.gbnet.net/ *
bits steve @
gbnet .
net * Orange mobile +44-(0)973 600050
Euro firewall info - send mail to majordomo @
gbnet .
net (subscribe firewalls-uk)
References:
|
|
