Home > Archive > Microsoft Webservices > February 2006 > machine authentication for web site?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
machine authentication for web site?
|
|
|
| i know i can use client certificates for user authentication to a website,
but is it possible to use machine authentication with certificates,
preferably using some facility built-in to Windows like cert server? I've
been searching for an answer with no luck so far..
here's the scenario:
we issue machines to our employees, most of whom are home workers. Due to
regulations we work under, it is important the machines they connect to our
web site with meet particular security standards. We suspect many of our
workers are using their personal machines, which is prohibited. We are
looking for a way to limit their access to coming from their company-issued
machine. Knowing the credentials would be useless on other machines.
the client machines run XPsp2 and they connect to normal Win2K- and
Win2K3-based ASP and ASP.NET sites over https.
thanks for any insight as to what my options are. I'm thinking it will be
limited to third-party PKI solutions...
| |
| Roger Abell [MVP] 2006-02-22, 3:57 am |
| IPsec
It was defined for just that type of scenario
"anon" <lkj2l3kj23@lk333333.com.edu> wrote in message
news:O$tuajvNGHA.3788@TK2MSFTNGP09.phx.gbl...
>i know i can use client certificates for user authentication to a website,
>but is it possible to use machine authentication with certificates,
>preferably using some facility built-in to Windows like cert server? I've
>been searching for an answer with no luck so far..
>
> here's the scenario:
> we issue machines to our employees, most of whom are home workers. Due to
> regulations we work under, it is important the machines they connect to
> our web site with meet particular security standards. We suspect many of
> our workers are using their personal machines, which is prohibited. We
> are looking for a way to limit their access to coming from their
> company-issued machine. Knowing the credentials would be useless on other
> machines.
>
> the client machines run XPsp2 and they connect to normal Win2K- and
> Win2K3-based ASP and ASP.NET sites over https.
>
> thanks for any insight as to what my options are. I'm thinking it will be
> limited to third-party PKI solutions...
>
>
|
|
|
|
|