[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] RE: SecuRemote vs HTTPS

To: CheckPoint_Mailing_List <fw-1-mailinglist@lists.us.checkpoint.com>
Subject: [FW1] RE: SecuRemote vs HTTPS
From: "Vossen, John" <JVossen@alphanetcorp.com>
Date: Fri, 16 Apr 1999 01:44:09 -0400
Cc: dmr@webserve.net

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]



My $0.02

I like the HTTPS solution for the reason you mentioned.  Also, I find that
VPN clients not working behind NAT'ed firewalls is a problem.  Since I'm a
consultant, I'm always at a different site.  1) I may not be *allowed* to
install software on the client's PC, even if I wanted to.  2)  Since most
(hopefully all) of my clients have a firewall, and most of them use NAT, I
can't use it anyway.  HTTPS and SecurID (would/will) allow me access my
"intranet" resources, and use the Exchange Web Interface (whatever it's
called) and a web-based T&E app, for example.  At least, that's my story to
my management in proposing this solution, and I'm sticking to it...

It would be nice to walk up to virtually any browser in the world and just
be able to DO what I needed to do.  Of course, the download may be custom
web app development on your side, depending on your needs...

Hope this helps a bit.
JP

-----------------------------------------------------------------------
JP Vossen ( jvossen@alphanetcorp.com )
AlphaNet Solutions, Inc.
Alphanumeric Pager: 800-225-0256, PIN 598 0743


Date: Wed, 14 Apr 1999 15:41:06 -0400 (EDT)
From: "David M. Ramsey" <dmr@webserve.net>
Subject: [FW1] SecuRemote vs HTTPS

Folks,

We want authenticated remote users to be able to access an internal
WWW server, and want the traffic to be encrypted across the 'net.

>From a security point of view, what are the pros/cons of using
SecuRemote to access an internal web server vs. the simple use of
HTTPS with WWW based user authentication ?  
     
     Any   Internal_WWW   HTTPS
 vs.
     Any   Internal_WWW   Client_encrypt 

Using WWW user authentication and HTTPS for encryption doesn't require
SecuRemote to be installed on the remote PC.  That's a definite advantage.
Particularly for widespread deployment to non-technical types.

Thanks for any thoughts/comments/insight.  Cheers, --dmr

David M. Ramsey            dmr@webserve.net
WebServe, Inc.             Voice: 704-556-7482 x202
Network Administrator      FAX  : 704-643-4521


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] RE: VPN Secure Connect Client
Next by Date: Re: [FW1] RE: SecuRemote vs HTTPS
Prev by thread: [FW1] RE: VPN Secure Connect Client
Next by thread: Re: [FW1] RE: SecuRemote vs HTTPS
Index(es):
- Date
- Thread