Re: Allow second Internet connection into Office Space?

["Ethan King" <ethan () shame mine nu>]

This shouldn't be an issue, if done right.  If it were me, I would allow a
dsl connection to one or two machines, which are only connected to the dsl
link (ie not to the rest of the company LAN, etc).  Ideally, you could even
have just one machine used for testing (or multiple machines, hubbed off the
dsl via NAT, etc) which is NOT allowed to have any company data, code, etc
on it.  The Key here is keeping this Entirely seperate from the corporate
network, I would even go so far as perhaps physically securing the media so
that even a good-willed person doesn't make a mistake and plug something
into the wrong place.

-Ethan



----- Original Message -----
From: "Chris Hylen" <chris.hylen () unigard com>
To: <security-basics () securityfocus com>
Cc: <CISSP_PNW () yahoogroups com>
Sent: Wednesday, October 09, 2002 8:31 AM
Subject: Allow second Internet connection into Office Space?


> Security Pro's:
>
> A group of my programmers want to have a DSL connection put in their
> testing area so they can simulate end user experience across the Internet.
I
> have concerns with this and am curious if anyone else has found a good
> solution to provision their business requirement without putting the
network
> at risk.
>
> I know I haven't gone in to enough detail for an EXACT solution but
> in general if anyone has any "tips" I'd appreciate it. Thanks!
>
> Chris Hylen
> Data Security