Security Basics mailing list archives
RE: Allow second Internet connection into Office Space?
From: Louis Erickson <LErickson () ariba com>
Date: Mon, 14 Oct 2002 11:03:23 -0700
One thing which no one has mentioned yet is a variant of this. Instead of making a connection to the LAN, get the developers removable media. 2G ORB drives are reasonably affordable and let you move a big chunk of data back and forth. They can use their development machines to set up what they want to test on the removable disk, then stick it in the other machine for testing. Make sure all machines involved have good virus protection. Perhaps different versions for the internal LAN and the Internet visible one. Lou Erickson IT Tools Developer, Ariba, Inc.
-----Original Message----- From: Rapaille Max [mailto:Max.Rapaille () nbb be] Sent: Thursday, October 10, 2002 11:32 PM To: Chris Hylen; security-basics () securityfocus com Subject: RE: Allow second Internet connection into Office Space? Hi, You could create a little separate LAN for them : DSL Router --- Firewall (Linux based, on a recup PC) --- TEST LAN If the goal is to test the end-user experience, they will probably ask for different OS.. So Why not think about making a little private LAN with Linux, Windows,(Dual Boot/VMWare??). Just imagine.. I had this kind of requirement for a Web developping Company, and this is what we did. We knew that the developpers were not specially Security-Minded, and the Boss was paranoid... At a first stage, there was NO connection at all with the production LAN, which is the safest solution .. But as they needed to exchange some file , we connected both LAN via a Firewall, allowing ONLY FTP traffic from Production LAN to Test LAN, using a FTP proxy and a Virus Checking (Trend Micro Viruswall..)= So DEV team can work as usual on the Prod LAN,. want they to test their finding? Just moving to an other keyboard... without jeopardysing the prod LAN Security... Hope this help.. Should you need more details about the config, just drop me a mail Off list @ info () emmera be Regards, MAx -----Original Message----- From: Chris Hylen [mailto:chris.hylen () unigard com] Sent: mercredi 9 octobre 2002 17:32 To: security-basics () securityfocus com Cc: CISSP_PNW () yahoogroups com Subject: Allow second Internet connection into Office Space? Security Pro's: A group of my programmers want to have a DSL connection put in their testing area so they can simulate end user experience across the Internet. I have concerns with this and am curious if anyone else has found a good solution to provision their business requirement without putting the network at risk. I know I haven't gone in to enough detail for an EXACT solution but in general if anyone has any "tips" I'd appreciate it. Thanks! Chris Hylen Data Security
Current thread:
- Re: Allow second Internet connection into Office Space? Jason Kohles (Oct 15)
- RE: Allow second Internet connection into Office Space? Keenan Smith (Oct 17)
- <Possible follow-ups>
- Re: Allow second Internet connection into Office Space? matthew (Oct 15)
- Re: Allow second Internet connection into Office Space? James Taylor (Oct 15)
- RE: Allow second Internet connection into Office Space? Louis Erickson (Oct 15)
- Re: Allow second Internet connection into Office Space? Ethan King (Oct 15)
- RE: Allow second Internet connection into Office Space? Robert Sieber (Oct 15)
- RE: Allow second Internet connection into Office Space? Kline, Nathan C - CIEP-2 (Oct 16)
- RE: Allow second Internet connection into Office Space? Chris Santerre (Oct 16)
- RE: Allow second Internet connection into Office Space? Chris Santerre (Oct 17)
- RE: Allow second Internet connection into Office Space? Rapaille Max (Oct 18)
- RE: Allow second Internet connection into Office Space? Rapaille Max (Oct 18)
- RE: Allow second Internet connection into Office Space? Chris Santerre (Oct 18)