Re: A "secure" Guest account for ISA server

From: BOT House (BOTHouse_at_insight-*-rr-*-com)
Date: 12/15/03 

Date: Sun, 14 Dec 2003 19:15:30 -0500

It definitely is a contradiction, but we are mandated to give everyone unrestricted Internet access. It's very much like a
"dot-edu" environment in that respect. However, if a department head asks for a report on a certain individual, we must produce it.
You can't do that if it's totally anonymous. So, we track the users we can and don't worry (much) about the users we can't. When
it's all anonymous, all you have is IP addresses to go by, which is unacceptable from a non-repudiation standpoint, especially in a
DHCP environment.

So, the people who are going to be disappointed are the managers in the untrusted domains. Hopefully they will be disappointed with
their own IT staff.

BTW, the policy "Additional restrictions for anonymous connections - no access without explicit anonymous permissions" worked
nicely. I am putting restrictions on the registry as they pop up, but it's looking good so far.

"Robert Moir" <bofh@mvps.org> wrote in message news:eoGCj$owDHA.1764@TK2MSFTNGP10.phx.gbl...

>
> I've got to ask, and I realise you probably already know this and i'm
> totally not having a go at you, isn't deploying an anonymous proxy server
> but wanting to know *who* uses it to go *where* a contradiction in terms?
> Surely its either anonymous, Or, you want to know who uses it to go where?
>
> I'm guessing you've been given a list of stuff to do by a manager who
> doesn't understand the issues here, but it seems to me that with that set of
> goals, someone somewhere is going to be disappointed with the outcomes?
>

Relevant Pages

  • Re: A "secure" Guest account for ISA server
    ... but we are mandated to give everyone unrestricted Internet access. ... "dot-edu" environment in that respect. ... the people who are going to be disappointed are the managers in the untrusted domains. ...
    (microsoft.public.security)
  • Re: How are things done where you work?
    ... Hi I think Cor ment that your boss would see it and that you would say it's ... I feel now this place will just degrade my skills. ... >> have the same managers as you describe. ... >> One of those I learned as one of the first in a kind of same environment ...
    (microsoft.public.dotnet.languages.vb)
  • Re: How are things done where you work?
    ... Well, since it is software and my boss doesn't write software, I'll have to ... > Hi I think Cor ment that your boss would see it and that you would say ... >>> have the same managers as you describe. ... >>> what is the best environment for you. ...
    (microsoft.public.dotnet.languages.vb)
  • Hey guys...Lisa Bergson is back.....
    ... "Managerial paralysis" is nothing else but having to make a decision ... Business managers constantly have to make ... because of the pressure from the competitive business environment.. ... There is no perfection in the human society. ...
    (sci.research.careers)