Firewall Wizards mailing list archives
Re: NT WAN
From: mritenburg () development opensite com
Date: Tue, 27 Jul 1999 15:31:13 -0400
1. Is the WAN using public infrastructure or private infrastructure? 2. Does this department have budget to implement a secure system? 3. What is the security level and policies of each NT machine? 4. Is file and print sharing more important that the info behind the Firewall? If I were in charge of the Firewall, these are some of the questions I'd ask first to determine if an NT WAN is actually a solution to the given problem. $.02 Matt At 03:46 PM 7/26/99 -0700, Neil Ratzlaff wrote:
I am looking for some strong reasons to refuse to allow an NT WAN through the firewall. There is a department here that wants to set up a wide area network of several NT machines scattered over several states. All they have said they want is to share files and printing. One of the local hosts would be behind the firewall, and they wanted to know how to get through the firewall, so I got called in. I manage the firewall, but I don't do policy of any kind. I assume they would at least use PPTP, but I read recently that although M$ improved it, it still is not very secure. I have the feeling this is a terrible idea. They want to have clients go both ways through the firewall, and I assume these clients are Windows 95, 98, and NT. Can anyone point me to places that list or describe the risks in simple English? Or maybe it is not as dangerous as I think it is, and this would be useful information, too. I suspect that even if this were all outside the firewall, it would still be a terrible idea, but I don't know enough about NT to be sure, or to provide reasons. Is there some paper somewhere that I can point to that shows why this is a bad idea? Perhaps vulnerabilities that can't be patched? I appreciate any help anyone can provide. Neil
Current thread:
- NT WAN Neil Ratzlaff (Jul 27)
- Re: NT WAN mritenburg (Jul 27)
- Re: NT WAN Kevin T. Shivers (Jul 27)
- <Possible follow-ups>
- re: Re: NT WAN MHurlburt (Jul 29)