Firewall Wizards mailing list archives
RE: Sources for Extranet Designs?
From: "Wes Noonan" <mailinglists () wjnconsulting com>
Date: Mon, 23 Feb 2004 10:50:58 -0600
Just to add some fuel to the fire, I agree with Ron. Security seems almost secondary to many B2B implementations. Almost a "if we trust them to partner, why worry" kind of attitude. If you want to look at things that you can do though, there is a relatively short bullet list[1]: Use VPNs between sites Terminate VPNs into DMZs Implement firewalls at the termination point Grant access only to those resources in the DMZ that each company needs access to Never grant access to your production network or resources [1] This is by no means an exhaustive list, but at least give a starting point. The devil of course is in the details. Wes Noonan mailinglists () wjnconsulting com http://www.wjnconsulting.com Hardening Network Infrastructure - A concise how to guide Available Spring 2004 Order at http://tinyurl.com/2nof4
-----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards- admin () honor icsalabs com] On Behalf Of R. DuFresne Sent: Monday, February 23, 2004 09:38 To: Baumann, Sean C. Cc: Paul Robertson; firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] Sources for Extranet Designs? Most that I have read on B2B architectures for extranets covered security, if they covered security at all, did so in such a minimalist way as to be of no real consequence. Functionality is the main concern of most the wiriteups I've seen, or manuals on such. Perhaps the best forums for what you appear to be seeking are right here at your e-mailing fingertips just awaiting clarification of the information you seek. I think that was the context of Paul's reply. B2B/extranet/VPN solutions, all over blown and over used terms and technologies that far too often really do not mitigate any og the risks they are implimented for. Thanks, Ron DuFresne On Mon, 23 Feb 2004, Baumann, Sean C. wrote:I wasn't particularly looking for a solution, or product. I was looking for a comprehensive discussion on network and security architectures for extranets (B2B), not necessarily available on the web (print is acceptable). Instead, I got a plethora of condescending email replies that gave me little or no information, which did not answer my (probably not well written) question. I'll make sure I am more specific in the future, so I don't get bombarded with "Didn't you google," or "Didn't they teach you that in _____." Regards, Sean -----Original Message----- From: Paul Robertson [mailto:proberts () patriot net] Sent: Sunday, February 22, 2004 11:00 AM To: Baumann, Sean C. Cc: firewall-wizards () honor icsalabs com Subject: Re: [fw-wiz] Sources for Extranet Designs? On Fri, 20 Feb 2004, Baumann, Sean C. wrote:Can someone direct me to some decent information on designing extranet connections?I think it's better if we start out with you describing what you're trying to accomplish. Terms like "extranet" have been so overloaded for so long that the idea you have could be completely different than the one anyone else does. Paul ------------------------------------------------------------------------ ----- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Sources for Extranet Designs? Baumann, Sean C. (Feb 21)
- Re: Sources for Extranet Designs? Paul Robertson (Feb 22)
- <Possible follow-ups>
- RE: Sources for Extranet Designs? Baumann, Sean C. (Feb 23)
- RE: Sources for Extranet Designs? Paul Robertson (Feb 23)
- RE: Sources for Extranet Designs? R. DuFresne (Feb 23)
- RE: Sources for Extranet Designs? Wes Noonan (Feb 23)
- RE: Sources for Extranet Designs? Marcus J. Ranum (Feb 23)
- RE: Sources for Extranet Designs? Don Parker (Feb 23)
- RE: Sources for Extranet Designs? Behm, Jeffrey L. (Feb 23)
- RE: Sources for Extranet Designs? Wes Noonan (Feb 23)
- RE: Sources for Extranet Designs? Frederick M Avolio (Feb 23)
- RE: Sources for Extranet Designs? Baumann, Sean C. (Feb 23)
- RE: Sources for Extranet Designs? Wes Noonan (Feb 23)
- RE: Sources for Extranet Designs? Bob Alberti (Feb 23)
- RE: Sources for Extranet Designs? Wes Noonan (Feb 23)
- RE: Sources for Extranet Designs? Wes Noonan (Feb 23)
- RE: Sources for Extranet Designs? Daniel Linder (Feb 23)