or just block everyone and the rule before that allows selective users in
the internet_allowed_group to play at will after cleint auth.
thanks,
Ron DuFresne
On Mon, 6 Nov 2000 [EMAIL PROTECTED] wrote:
>
> Rob,
>
> #Would anyone out this audience care to propose or discuss any models of
> #selective blocking other than that provided by Checkpoint? Has anyone
> #specifically validated the Checkpoint model of selective blocking in
> #practice, and if so what were the hard spots if any?
>
> You could always set up a proxy server (Squid, MS Proxy Server, ect). Both
> Squid and the MS Proxy Server can use the standard NT domain username and
> password. Set up the allowed users in the proxy server and only allow the
> proxy servers to use TCP ports 80 and 443 through the firewall. You can
> also do caching and all that fun stuff on the proxy servers.
>
> Regards,
> Jeffery Gieser
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
