How to Secure Squid - squid

This is a discussion on How to Secure Squid - squid ; Hi, that's my system: I've an exchange2003server and I use Squid 3.0 to access Outlook Web Access with SSL. Everything works! Now my question: We've few (5) employees which use OWA and I want to secure that connection. I heard ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: How to Secure Squid

  1. How to Secure Squid

    Hi,

    that's my system: I've an exchange2003server and I use Squid 3.0 to
    access Outlook Web Access with SSL. Everything works! Now my question:
    We've few (5) employees which use OWA and I want to secure that
    connection. I heard something about proxie_auth I thought about
    RSA-SecurID tokens. but that is to expensive for now. Do you've ideas
    for a solution how to secure squid effectively.

    Sry I don't know why but I think my text looks bad :-) I'm not
    english.. :-)

    Thanks

    me


  2. Re: How to Secure Squid

    me:


    Perhaps you would be interested in testing the WiKID strong
    authentication system, which is available as open source or under a
    commercial license. Although I haven't tested it with squid, I have
    tested extensively with PAM, so it should be doable. You can find more
    info at http://www.wikidsystems.com or at our sf.net site:
    https://sourceforge.net/projects/wikid-twofactor/

    HTH,

    nick


    --
    Nick Owen
    WiKID Systems, Inc.
    404.962.8983
    http://www.wikidsystems.com
    Commercial/Open Source Two-Factor Authentication
    https://www.linkedin.com/in/nickowen


  3. Re: How to Secure Squid

    Hi,


    thanks!! That sounds great!! :-)

    But I couldn't figure out wether it is for free or not?! Are there any
    limitations?

    Thanks in advance!

    me


  4. Re: How to Secure Squid

    The open source version is licensed under the GPL. You can find info
    about the differences between the commercial and opensource version in
    the oss faq: http://www.wikidsystems.net/faq/. All we ask is for
    feedback and that if you like it, you tell your friends!


  5. Re: How to Secure Squid

    "me" wrote:

    > I thought about RSA-SecurID tokens. but that is too expensive for now.


    Just a footnote about RSA SecurID pricing. These prices include an RSA
    Authentication Manager (AM) with a per-seat license; various RSA
    Authentication Agents; and at least ten tokens from one of the several
    classes of hardware SecurIDs and SecurID token-emulation modules (for
    phones, beepers, PDAs) that RSA now sells.
    See: .

    A ten-token bundle with the stream-lined RSA SecurID Appliance, on a
    hardened Windows platform, sells for about US$4,000 stateside.
    European pricing is about US$4,691 (EUR3,675.18). See:
    .

    Admittedly, this is not for the poverty-stricken, but neither is it
    stratospheric.

    In North America, where the SMB version has sold like gang-busters for
    a year, very small businesses -- say less then 25 users -- typically
    purchase the SecurID Appliance to meet regulatory, audit, or other
    compliance requirements foisted upon them buy the firm's customers or
    business partners, or legal requirements associated the particularly
    sensitive type of data they are processing. I presume that similar
    pressures shape the MEA market.

    I've been a consultant to RSA for nearly 20 years and I admit I never
    expected to see the full AM functionality pulled down this deeply into
    the small business market. To go beyond this, I suspect RSA will have
    to go with some "AM lite:" with RSA's token-validation kernel
    integrated into a database already used by another commercial networked
    products.

    The next cycle in price-cutting for SMBs will probably emerge from the
    joint development efforts of RSA and Checkpoint -- but that too will
    probably carry the full RSA Appliance package.

    Suerte,
    _Vin


+ Reply to Thread