Firewall-based authentication with Edenwall
Instead of granting access by address, the NuFW Netfilter module provides identity-based authentication. The Edenwall firewall appliance comes with built-in NuFW technology.
Today’s firewalls typically reside in Layers 3 and 4 of the OSI model, where they filter traffic on the basis of IP addresses and TCP/ UDP ports. To take Layer 7 information into consideration, administrators either deploy proxies or use fairly simplistic patterns. Things get even worse if you need a rule base that gives you filtering on the basis of user IDs. Most models are throwbacks to the 90s and assume that each machine will have a single useronly. Of course, this assumption is fatal if you are dealing with terminal servers or Linux.
Buy this article as PDF