Re: [fw-wiz] Too Paranoid?

From: Kevin Steves (stevesk@pobox.com)
Date: 10/02/02


From: Kevin Steves <stevesk@pobox.com>
To: "Paul D. Robertson" <proberts@patriot.net>
Date: Wed Oct  2 05:22:01 2002

On Sun, Sep 29, 2002 at 12:25:27PM -0400, Paul D. Robertson wrote:
> I've had this fight with personnel/benefits systems before, and once we
> got to the "it needs these two TCP ports" place, isolating it wasn't all
> that difficult.

It tends to boil down to: we have a strong business need for this
application, we need to figure out how best to configure and secure it
in our environment--at least at the financial type places I've worked
at.

Wide port ranges, UDP use, IP multicast, HA, dynamic routing, strange
DNS usage--consider it a challenge for the design skills. I've
generally found the vendors willing to work with you to come up with a
configuration that can be acceptable, but it can be a challenge.