[TriLUG] Has anyone used SSL-Explorer?
Daniel Bartholomew
plumcreek at gmail.com
Thu Jun 21 11:43:10 EDT 2007
On Thu, 2007-06-21 at 07:13 -0700, Kevin J. wrote:
> It seems like this would be susceptible to a password attack
> if it's polling directly against AD for authentication. Do any
> of these work with two-way authentication mechanisms such as a
> RSA SecurID FOB?
>
> Kevin
>
>
> ----- Original Message ----
> From: David McDowell <turnpike420 at gmail.com>
> To: Triangle Linux Users Group discussion list <trilug at trilug.org>
> Sent: Thursday, June 21, 2007 9:55:21 AM
> Subject: Re: [TriLUG] Has anyone used SSL-Explorer?
>
>
> We started testing with SSLExplorer and found it limiting for our
> needs. We ended up going with a commercial SSL VPN solution by Array
> Networks. It works great, although so far I've only technically
> tested with WinXP Pro due to that being our corp environment.
>
I'm probably not the best person to answer this (seeing as I just
started playing with SSL-Explorer this morning) but in looking through
the authentication mechanisms listed in the extensions manager it
seems to support several --- client certificates, Active Directory,
local sytem accounts, usb-keys, LDAP, NIS, OTP/SMS, and RADIUS.
I don't know much about how any of these are implemented, but there
seem to be a lot of choices.
My main question now is whether or not I can script this. If we use it
we'll be adding and removing users often and each user will need
customized apps (i.e. a putty session to a specific port on a specific
server for just that user and no one else). If creating (and destroying)
apps is strictly a manual point-and-click affair then this solution is
probably unworkable.
From what I've experienced so far in my couple hours of testing I am
impressed with how well it works and how easy it was to set up. It
would be a shame to have a lack of scriptability be its downfall.
--
Daniel Bartholomew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20070621/fb042560/attachment-0001.pgp>
More information about the TriLUG
mailing list