mikehiland
MIS
We currently use CheckPoint FW-1 on a Nokia device for our firewall. Remote users currently access everything behind the firewall by first establishing a VPN to our IBM LMC in the DMZ of the CheckPoint.
We are considering eliminating the VPN altogether and going to a SSL solution using MS ISA Server, which would also be placed in the DMZ and provide authentication for users coming in and attempting to access web pages and applications behind ISA.
We are wondering if the CheckPoint devices can provide any or all of these services thereby eliminating the need for ISA.
If it is possible, I envision a user going to which gets them to the CheckPoint. The Checkpoint would gather the username/password and validate against A/D on the inside, and then redirect (NAT) to the appropriate resource on the inside.
I think we are asking for something that does not exist, but would like to know for sure.
Anyone know the answer to this, or have any other thoughts or comments? Thanks in advance!
We are considering eliminating the VPN altogether and going to a SSL solution using MS ISA Server, which would also be placed in the DMZ and provide authentication for users coming in and attempting to access web pages and applications behind ISA.
We are wondering if the CheckPoint devices can provide any or all of these services thereby eliminating the need for ISA.
If it is possible, I envision a user going to which gets them to the CheckPoint. The Checkpoint would gather the username/password and validate against A/D on the inside, and then redirect (NAT) to the appropriate resource on the inside.
I think we are asking for something that does not exist, but would like to know for sure.
Anyone know the answer to this, or have any other thoughts or comments? Thanks in advance!