We have a network of Win2K PCs and servers on a Windows 2000 Active
Directory. I am replacing our current firewall with a Pix515 (V6.1, PDM) and
would like to be able to control some of the general internet access
depending on user login name (and control some by machine name or IP)
Outbound access would not be limited to http, ftp and telnet: i need to be
able to grant or restrict access to numerous services depending on the user.
Ideally, I would like a system which ties into Adtive directory and dynamic
DHCP/DNS so that the entire process is transparent to the user.
Unfortunately I am a bit of a novice with IOS and AAA so I am looking for
advice along the lines of
a) is it possible?
b) if not, what is?