Security Basics mailing list archives
Providing Visitor Access
From: "Sinha, Amitabh (Amit)" <asinha3 () agere com>
Date: Mon, 9 Dec 2002 11:20:33 -0500
This brings up some interesting questions. Would there be any legal issue with allowing open access from within your company (for this restrictive network)? Is web type access going through a proxy that is filtering? (Could the company be liable if something illegal is done from the company owned IP space (child porn etc.)? Any due diligence issues?? OR if a visitors information is stolen from the Internet while they were connected from this unrestricted vlan?) Are more and more companies providing this type of unrestricted access to their visitors? How are others doing this? Is there an industry standard or a general practice ... Thanks, Amit -----Original Message----- From: CTillett () harcourt com [mailto:CTillett () harcourt com] Sent: Thursday, December 05, 2002 10:25 PM To: wbjw () mindspring com Cc: jon kintner; Rick Darsey; security-basics () securityfocus com; ssgill () gilltechnologies com; wbjw () mindspring com Subject: RE: Preventing DHCP from allocating IPs We are dealing with this right now. We are creating an "area" on each floor that visitors can use. The ethernet ports in these areas will be using a private vlan that provides IP connectivity and Internet access only. These areas are ACL'ed off from our enterprise network. It is not perfect, but since we have good physical security and all other ports on the switch are disabled by default, it allows our vendors to use our network as a transport service only. I hope this helps a little. Chris Tillett
Current thread:
- Providing Visitor Access Sinha, Amitabh (Amit) (Dec 09)
- <Possible follow-ups>
- Re: Providing Visitor Access CTillett (Dec 09)
- RE: Providing Visitor Access Robinson, Sonja (Dec 10)