OPSTOP for Hardware Identity May work for you :
For More Info you may visit http://www.opswat.com/opstop_hardware.html
Regards
Benny (OPSWAT Inc.)
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]On Behalf Of Frank
Darden
Sent: Monday, June 23, 2003 9:49 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] SecuRemote/SecuClient questions
It would be pointless to lock down to a MAC address anyway. MAC
addresses can easily be altered/spoofed. A better way to manage this
would be user credentials based matching using User Authority, combined
with certificate/token based strong authentication. The IP assignment
per user in Office Mode in AI simply allows you to always associate a
specific IP address with a specific SecurClient user. This is actually a
cool feature in itself, but will not help you with your current issue
Frank
-----Original Message-----
From: Hannu Liljemark [mailto:hannu.liljemark AT LAUREA DOT FI]
Sent: Friday, June 20, 2003 4:17 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] SecuRemote/SecuClient questions
On Fri, Jun 20, 2003 at 09:49:00AM +0300, Serge Vondandamo wrote:
> 2)Is it possible to attach a SecuRemote/SecuClients user to
> a specific computer (MAC address or something else) so that
> users can not install the software on their home (personal)
> computers and connect to the corporate Network?
I don't think so. According to Whatsnew file, NG AI
SecureClient has some new SCV features like doing your own
SCV tests from exe/bat files, perhaps that could be used,
but you're looking at a do-it-yourself project if the
normal SCV tests aren't enough to make you satisfied
about remote host's security when it's trying to connect
to the internal network.
NG AI also had some way of giving specific IP to each
user. If it used MAC addresses at some point, that might
be an option... but I have no clue if it actually does.
--
(Mr.) Hannu Liljemark | Appelsiini Finland Oy |
http://appelsiini.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
