Firewall Wizards mailing list archives
Re: Firewall Placement Question
From: firewallwizards () kajtek org
Date: Fri, 22 Feb 2008 00:00:01 -0600 (CST)
I wonder about the labor required to pull this off for almost 200 servers (and Microsoft applications are a bitch). I fear it will be hell to manage all the excpetions, ie. one user in a different building needs access to a few administrative ports. Not to mention that after it's done we'll spend days trying to work out the bugs of things that 'should just work' and effects of application upgrades that change ports.
You need to talk to your peers at other universities of simmilar size. I used to admin firewall for a simmilar sized institution (judging by the 200 servers number), but they treated inside of their network as hostile environment, and required people to yield control and use internal firewall, arm themselves, or wait and suffer without complaining. There were two firewalls, one took care of external links, plus internet related DMZs, the other protected ERP, cash, library systems, and whatever offices requested separation from the wide open inside, and agreed to be bound by the standard policy and SALs. -- Marcin Antkiewicz _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: syslog and network management, (continued)
- Re: syslog and network management david (Feb 27)
- Re: syslog and network management ArkanoiD (Feb 29)
- Re: syslog and network management Timothy Shea (Feb 29)
- Re: syslog and network management Alejandro Ezequiel Fernández Preda (Feb 21)
- Re: syslog and network management Dave Piscitello (Feb 22)
- Re: syslog and network management Brian Loe (Feb 22)
- Re: syslog and network management Brian Loe (Feb 22)
- Firewall Placement Question jason (Feb 21)
- Re: Firewall Placement Question Aniket S. Amdekar (Feb 22)
- Re: Firewall Placement Question Dan Lynch (Feb 22)
- Re: Firewall Placement Question firewallwizards (Feb 22)
- Re: Firewall Placement Question J. Oquendo (Feb 22)
- Re: Firewall Placement Question Marcus J. Ranum (Feb 22)
- Re: Firewall Placement Question Richard Golodner (Feb 22)
- Re: Firewall Placement Question Darden, Patrick S. (Feb 22)
- Re: Firewall Placement Question Dale W. Carder (Feb 22)