• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Identity based firewall: outside of network users

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Firewalls // Intrusion Detection - External Security

View previous topic :: View next topic  
Author Message
HGilbert
Just Arrived
Just Arrived


Joined: 28 Nov 2012
Posts: 1
Location: Chestnut Ridge, NY

Offline

PostPosted: Wed Nov 28, 2012 12:31 am    Post subject: Identity based firewall: outside of network users Reply with quote

Our school wants to set up an identity based firewall to provide differentiated internet access for faculty and various groups of students, all of whom sometimes use the same set of school computers.

Many faculty also use their personal laptops, and sign on to these using a local user account, rather than as a network user. Up to now any computer connecting to the wireless or ethernet has been able to get internet access. (Students do not normally use personal laptops, just the school machines.)

Our network admin says that if we go to an identity based firewall, the non-network user ids will be blocked from internet access. I hope there is some workaround for this. Any help will be very appreciated.
Back to top
View user's profile Send private message Visit poster's website
Intnull0
Just Arrived
Just Arrived


Joined: 28 Dec 2012
Posts: 3


Offline

PostPosted: Fri Dec 28, 2012 6:18 pm    Post subject: It is possible Reply with quote

But there are different methods of accomplishing this, depending on what firewall solution you install. Using Cisco ASA firewalls and Cisco wireless LAN controllers we created a solution that allows internal users access to network resources based on group membership and ACLs. With the wireless LAN controllers we use the valet service to provide wireless guest access much like hotels do. Using VLANs we can keep the internal traffic (AD authenticated) separate from the guest traffic (wireless LAN controller authenticated) and allow them access to the Internet.
(Edit: it sounds like I am pushing Cisco but I'm really not...it's just what we have.)
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Firewalls // Intrusion Detection - External Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register