Firewall Wizards mailing list archives
Re: security of private leased lines
From: Paul Robertson <proberts () patriot net>
Date: Thu, 28 Aug 2003 16:12:08 -0400 (EDT)
On Thu, 28 Aug 2003, Kilaru Sambaiah wrote:
Dear Members, I am managing point to point leased lines. They not connected to the internet lines. What kind of security systems I require to think, and implement? Any pointers are helpful.
Like all things security, the answer is "it depends." If you trust your carrier at each end and if applicable, any interexchange carriers, then probably not much, unless the line protocol is something that's historically leaky like Frame Relay or ATM. Remember "not connected to the Internet" isn't true of the carrier systems between your equipment and the other end. Neither is physically secure, and potentially "accessed only by people I trust." If your data isn't all that important, then same answer. Depending on your data's importance/longevity, you'll want to increase the protection a little to a whole bunch. If your data is important, then you'll want to use an encrypted channel between the endpoints. If you don't have the same level of administrative control, security policy, or physical access at each end, then you'll want some sort of firewalling at each end of the connection as well. Doing encrypted channels right requires a good understanding of key managment, key change intervals, etc. If you're not up on that stuff, and the network/information is important, then you really should consult somone who's done it before. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- 802.1x Paul Robertson (Aug 07)
- Re: 802.1x Chris Keladis (Aug 13)
- RE: 802.1x Michael (Aug 13)
- security of private leased lines Kilaru Sambaiah (Aug 28)
- Re: security of private leased lines Paul Robertson (Aug 28)
- Message not available
- Re: security of private leased lines Frederick M Avolio (Aug 28)