How are group policies usually put in place with pix? For example, let's say I'm a software company. I've got 14 devolopers who need access to things in the DMZ that no one else would (such as SQL, and who knows what else). Also, Finanace uses a special program which runs on port 5325 (totally random). How do I give them access to it but no one else? Admins should also be in a special group that have access to services such as SSH.
My quetion is how do I define members? Do I have to give everyone a static IP address and do it based on IP? What happens when a devoloper logs onto a box of someone in finance? He/she should have devoloper access then, not finance access. How do I control that?