Firewall Wizards mailing list archives
Re: Semi-OT: blade servers, backplanes, and DMZs
From: Christopher Hicks <chicks () chicks net>
Date: Sat, 7 Feb 2004 09:35:24 -0500 (EST)
On Fri, 6 Feb 2004, Phil Burg wrote:
A client has proposed implementing blade servers in a common enclosure on two different DMZs (obviously with two different security policies in place).
All of the blade systems I've worked with have a common Ethernet port for all of the blades with a possible additional port for management. Sharing different security levels of data on the same wire is obviously bad, bad bad.
My immediate response is no - the claim that nothing can possibly leak across a blade enclosure backplane sounds a lot like the old claims about VLANs being effective security devices - but the client sees an opportunity to save floor space in a data centre, and is pushing hard.
They can still save floor space with blade systems, but it doesn't mean they have to share different security levels in the same chassis. How much floor space is going to be gained by eliminating one chassis? -- </chris> No, no, you're not thinking, you're just being logical. -Niels Bohr, physicist (1885-1962) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Semi-OT: blade servers, backplanes, and DMZs Phil Burg (Feb 06)
- Re: Semi-OT: blade servers, backplanes, and DMZs Christopher Hicks (Feb 07)
- Re: Semi-OT: blade servers, backplanes, and DMZs George Capehart (Feb 08)
- Re: Semi-OT: blade servers, backplanes, and DMZs David Lang (Feb 09)