At 17:35 21-05-97 +0100, you wrote:
>I'd be very interested to hear how other people have
>solved the problem of controlling their users' access
>through their Firewall - either with commonly available
>tools or inexpensive commercial solutions.
I have a customer with a Black Hole that apparently has the features you
ask about. Here's what I've read in the manual; I haven't used these
particular features and I'm going from memory (the manual is across town)
so the actual details may be off a bit.
The Black Hole firewall (www.milkyway.com) offers the capability to
restrict services to specific users or groups of users. Then it allows the
admin to create userids and passwords that apparently are separate from the
firewall host's accounts. When a firewall rule is set up to "challenge", a
userid & password prompt is sent when a connection is attempted.
To avoid the problem of re-authenticating every connection, the Black Hole
offers what they call "transparent" mode. If enabled, additional
connections that occur within the timeout period from the same IP address
do not get challenged. This allows, e.g., a web browser to be challenged
only once at the beginning of a web-surfing session.
+1 (613) 230-6067