Everyone, Is anyone using NG FP1 with Secure Domain Login (SDL)? SDL is slow enough that end-users will complain if I require them to use it. Is anyone using SDL with good results?
My PII400Mhz notebook with 256Mb RAM turned in the following results. A - Control 1 minute, 25 seconds SecureClient Uninstalled - Test 1 B - LAN Access 2 minutes, 40 seconds SecureClient; LAN; Fully Configured - Test 1 2 minutes, 43seconds SecureClient; LAN; Fully Configured - Test 2 C - Internet Access 3 minutes, 50 seconds SecureClient; INTERNET; Fully Configured - Test 2 LAN = SecureClient is running while the computer is booted to the LAN. INTERNET = SecureClient is running while the computer is booted to a 10Mbps Internet connection. Fully Configured = SDL & SSO are configured. Computer boots into a Windows 2000 domain. One of the application developers I work with scripted a SecureClient login into Windows 2000 Pro using batch files and a shareware program called Password Officer. The application developer has his computer configured to log into a workgroup instead of the Windows 2000 domain. Once logged into the workgroup, the scripts authenticate to SecureClient, ping an internal IP and map network drives, and authenticate to IE and explorer authentication dialog boxes. The functionality is similar to SecureClient and SDL. Check Point may have anticipated this workaround because SecureClient generates a "Cancel Persistance" error if the script settings are too aggressive. http://www.compelson.com/pofi.htm If Check Point and LinkSys wanted to team up and build a LinkSys Cable/DSL router with integrated SecureClient software, I would buy one. Having a hardware device establish the IPSec tunnel would eliminate the SDL integration issues. Just a thought. Regards, Kevin Palmer Network Engineer - MCSE+I, CCSE, CCNA =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
