Re: [fw-wiz] security of private leased lines

• Previous message: franco segna: "Re: [fw-wiz] result question"
• In reply to: Kilaru Sambaiah: "[fw-wiz] security of private leased lines"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Kilaru Sambaiah <sambaiah@antaares.com>
Date: Thu, 28 Aug 2003 16:12:08 -0400 (EDT)

On Thu, 28 Aug 2003, Kilaru Sambaiah wrote:

> Dear Members,
> I am managing point to point leased lines. They not connected
> to the internet lines. What kind of security systems I require to
> think, and implement? Any pointers are helpful.

Like all things security, the answer is "it depends."

If you trust your carrier at each end and if applicable, any interexchange
carriers, then probably not much, unless the line protocol is something
that's historically leaky like Frame Relay or ATM. Remember "not
connected to the Internet" isn't true of the carrier systems between your
equipment and the other end. Neither is physically secure, and
potentially "accessed only by people I trust."

If your data isn't all that important, then same answer. Depending on
your data's importance/longevity, you'll want to increase the protection a
little to a whole bunch.

If your data is important, then you'll want to use an encrypted channel
between the endpoints. If you don't have the same level of administrative
control, security policy, or physical access at each end, then you'll want
some sort of firewalling at each end of the connection as well.

Doing encrypted channels right requires a good understanding of key
managment, key change intervals, etc. If you're not up on that stuff, and
the network/information is important, then you really should consult
somone who's done it before.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts@patriot.net which may have no basis whatsoever in fact."
probertson@trusecure.com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: franco segna: "Re: [fw-wiz] result question"
• In reply to: Kilaru Sambaiah: "[fw-wiz] security of private leased lines"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: IIS, homenetwork, teenager, sercurity ... Firewall. ... connection is giving you some hardware firewall protection. ... it is a good idea to have any PC that is connected to the internet ... Microsoft plugs their security holes with a patch ... (microsoft.public.inetserver.iis.security) Re: pop ups from messenger services ... and Sasser Worms that still haunt the Internet. ... ignoring or just "putting up with" the security gap represented by ... Messenger Service of Windows ... firewall and WinXP's Internet Connection Sharing feature. ... (microsoft.public.windowsxp.help_and_support) Re: pop ups ... and Sasser Worms that still haunt the Internet. ... ignoring or just "putting up with" the security gap represented by ... Messenger Service of Windows ... firewall and WinXP's Internet Connection Sharing feature. ... (microsoft.public.windowsxp.security_admin) Re: Zone Alarm preventing internet access ... IE security settings at default of medium. ... Internet, ... I get my connection taken away. ... >> long as Zone Alarm is not running, ... (comp.security.firewalls) Re: Messenger Service?!! ... and Sasser Worms that still haunt the Internet. ... ignoring or just "putting up with" the security gap represented by ... Messenger Service of Windows ... firewall and WinXP's Internet Connection Sharing feature. ... (microsoft.public.security.virus)