Restricting Access
Novell Cool Solutions: Question & Answer
Reader Rating 
Q:
Can we restrict access to a protected resource by MAC address, IPaddress, subnet, network segment?
For example, I have a Portal with iChain running for a Police Department. Iwant to let police officers access a portal with a protected resource,but only if they are logging in from a workstation in the squad room(a trusted environment). I do not want them to access the same protectedresource from any other workstation, but they still need access to theother info presented in the portal.
A:
Nope, nothing like this is available in iChain access control rules. Allaccess control rules are based on the user, not on the networkinformation.
However, what you could do is associate a second authentication method,such as a certificate, that would only be installed on the workstationsthat have access to the resource you need high protection on. Thecertificate will of course be marked as "non exportable" so that a wiseguy will not be able to install it somewhere else.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com