Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: One computer two different networks

From: "Andrew Hay" <andrewsmhay () gmail com>
Date: Tue, 10 Oct 2006 19:59:41 -0300
If you have the budget to purchase 250 additional computers (250 *
$400 = $100,000) then I would seriously consider  investing that money
in a firewall with some sort of application layer filtering instead
(like CheckPoint/Cisco/Juniper with Websense/Aladdin/SurfControl).
Not only will you be able to protect your end users from malicious
Internet traffic but you'll be able to track policy violations (like
inappropriate site visits during company time).  You can also enable a
per-session authentication method which would help you control/protect
your users and corporate environment.

If you want some more suggestions please let me know.
--
Andrew Hay [NSA/CCSE Plus/CCNA/Security+/RHCE/GCIA/SSP-MPA/SSP-CNSA]
blog: https://www.andrewhay.ca
email: andrewsmhay || at || gmail.com

On 10/10/06, Santiago Barahona <sant-bar () dsv su se> wrote:

Hi all,

(First of all I want to apologise if I am misplacing this question, if so
I'd appreciate if anyone could point me to the right direction)

So here is the situation:

We have about 250 computers that are isolated in a high-security network,
we want to give internet access to those computer users without
compromising the secured network...of course our first thought is to buy
250 computers so the users can switch between computers (one for the
secure network, one for internet)... but that might not be most practical
solution...

So, I've been looking around and I've found a product called DATAGATE,
from Tenix which works as a "Data Diode"... looks interesting... but I'd
like to have a second opinion...

Does anyone know about other products or techniques on how to accomplish
this??

thanks!


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: