Firewall Wizards mailing list archives

Re: Semi-OT: blade servers, backplanes, and DMZs

From: Christopher Hicks <chicks () chicks net>
Date: Sat, 7 Feb 2004 09:35:24 -0500 (EST)

On Fri, 6 Feb 2004, Phil Burg wrote:

A client has proposed implementing blade servers in a common enclosure
on two different DMZs (obviously with two different security policies in
place).


All of the blade systems I've worked with have a common Ethernet port for 
all of the blades with a possible additional port for management.  Sharing 
different security levels of data on the same wire is obviously bad, bad 
bad.

My immediate response is no - the claim that nothing can possibly leak
across a blade enclosure backplane sounds a lot like the old claims
about VLANs being effective security devices - but the client sees an
opportunity to save floor space in a data centre, and is pushing hard.


They can still save floor space with blade systems, but it doesn't mean 
they have to share different security levels in the same chassis.  How 
much floor space is going to be gained by eliminating one chassis?

-- 
</chris>

No, no, you're not thinking, you're just being logical.
-Niels Bohr, physicist (1885-1962)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Semi-OT: blade servers, backplanes, and DMZs Phil Burg (Feb 06)
- Re: Semi-OT: blade servers, backplanes, and DMZs Christopher Hicks (Feb 07)
- Re: Semi-OT: blade servers, backplanes, and DMZs George Capehart (Feb 08)
- Re: Semi-OT: blade servers, backplanes, and DMZs David Lang (Feb 09)