Any connexion passing through the filter could be associated its originating user, and this could even break the old, vague, insecure assumption "1 IP address = 1 user"."
June 21, 2005
Bringing authentication to network layer 3
Vincent Deffontaines writes "Have you ever thought of how much efficiency your firewall would gain if it could incorporate per-user filtering? If IP filters could use userID as "just another" filtering criteria?