Firewall Wizards mailing list archives
RE: SSL banking connections out of the firms firewall
From: Henry Sieff <hsieff () orthodon com>
Date: Fri, 28 Sep 2001 11:19:20 -0500
If its http over ssl, the firewall rules would be similar to http except port 443 would replace 80. Now, as for security issues, the main one I would be aware of is that the session will be encrypted (obviously) so (unlike http) any content-based policy rules (ie no active X content or js etc.) would be unenforceable on that session. Henry
-----Original Message----- From: Walker Andrew [mailto:andrew.walker () capco com] Sent: Thursday, September 27, 2001 11:35 AM To: 'firewall-wizards () nfr com' Subject: [fw-wiz] SSL banking connections out of the firms firewall Hi, I recently received a request from a user wanting to do his private banking via an SSL connection negotiated from his client laptop (company issue, connected to the internal LAN) to his banks server through the corporate firewall. I read up about SSL as a protocol and about public key encryption, but I'm still undecided. I have no help from the firms Internet policy to guide me so I'm looking for advise regarding how one would go about allowing it by a rule on FW1, if there are any security risks to be aware of, and also if anyone has any guidelines or experience of internet policies that deal with this kind of Internet usage from within the firm. Thanks in advanceAndrew************************************************************** ********** The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Capco. http://www.capco.com ************************************************************** ********* _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: SSL banking connections out of the firms firewall Henry Sieff (Oct 01)
- <Possible follow-ups>
- Re: SSL banking connections out of the firms firewall Rick Smith at Secure Computing (Oct 01)
- Re: SSL banking connections out of the firms firewall Paul D. Robertson (Oct 02)
- Re: SSL banking connections out of the firms firewall Illes Marci (Oct 11)