I think Lucent has a software, called IPSec Client for VPN + personal
firewall as a part of their VPN Firewall solution, it does not appear
to be expensive. I have not tested it.
Santiago Zapata
>We have wrestled with this problem also.
>
>We have deployed black ice and I find it of no use.
>
>We also use the linksys $100 thing and it is not very
>useful either (although you can get ipsec client
>tunnels out).
>
>What we have found works the best is netscreen 5 and
>either nortel ipsec or infoexpress. There are issues
>with the netscreen and nortel ipsec client but it can
>work with the correct config.
>
>I have settled on using a netscreen 5 for packet
>filtering and the infoexpress proprietary tunnel that
>works fine through nat devices including many proxies.
>
>The netscreen is good enough that my OpenBSD 2.8
>ipfilter/ipnat machine is reserved as a secondary
>packet filter.
>
>
>
>
>--- It's The Zoooomer <[EMAIL PROTECTED]> wrote:
>> Well if you're talking about allowing the company
>> employees (who have DSL at their houses) to be able
>> to
>> come into the company. We're wrestling with this
>> right
>> now. We're looking at personal fw's tht we can
>> configure and protect them at their house and also
>> have them up to make a secure connection into the
>> company. some of the cast of characters include
>> F-Secure, zonealarm, Blackice etc. Anyone had any
>> success in these areas...?
>>
>> Robert
>>
>>
>> --- "Andrew J. Caird" <[EMAIL PROTECTED]> wrote:
>> > On: Fri, 20 Apr 2001 14:13:41 EDT
>> > [EMAIL PROTECTED] wrote:
>> >
>> > >We do use FW-1, however, do you know if after a
>> > client's policy is updated
>> > >(upon logon) does that user then have the ability
>> > to alter that policy
>> > >until the next time he/she logs on? My
>> > understanding is that you can
>> > >prevent this with ZoneAlert Plus through the use
>> of
>> > authentication
>> > >requirements and a centralized password database
>> > that exists on a file
>> > >server. Thoughts?
>> >
>> > well, access to the keyboard means all bets are
>> > off, but i believe
>> > that with a reasonably configured client the
>> > policy is essentially
>> > unchangable by the average end user(*). again,
>> > though, i've never
>> > used this software, so i'm going on the
>> marketing
>> > literature i've read. :)
>> >
>> > perhaps someone else on this list can share some
>> > real-life
>> > experiences?
>> >
>> > --andy
>> >
>> >
>> > (*) average end user == a user who can't figure
>> out
>> > how to circumvent
>> > the SecureClient policy.
>> > -
>> > [To unsubscribe, send mail to
>> > [EMAIL PROTECTED] with
>> > "unsubscribe firewalls" in the body of the
>> message.]
>>
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! Auctions - buy the things you want at great
>> prices
>> http://auctions.yahoo.com/
>> -
>> [To unsubscribe, send mail to
>> [EMAIL PROTECTED] with
>> "unsubscribe firewalls" in the body of the message.]
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Auctions - buy the things you want at great prices
>http://auctions.yahoo.com/
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
