Because if you think of your firewall as just another server that your
usres can access at will, you might as well not bother. Network security
is a tradeoff b/t security and useability (or convenience). It may be
"convenient" to not have to define users to your firewall, but it is
significantly less secure. Don't forget you have things like RADIUS and
LDAP to backend your user database as well, which also afford you the
commodity of not having to duplicate your effort.
Carric Dooley CNE
COM2:Interactive Media
http://www.com2usa.com
"In theory, there is no difference between theory
and practice. But, in practice, there is. "
- Jan L.A. van de Snepscheut
On Mon, 11 Oct 1999, Vince R Grande wrote:
> Does anyone know why Firewall-1 for NT recommends installing the software on
> a workgroup instead of a domain(member server)? If so, won't I have to setup
> separate accounts for each user? I'm planning on a DMZ with three NIC cards.
>
>
> Thank you,
> Vince Grande
> [EMAIL PROTECTED]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
