RE: Protocol enforcement

["Steve Armstrong" <stevearmstrong () logicallysecure com>]

It depends upon the service, where it is from and where it is going to.  

If it is an 'any internal' to 'any external' you would be accepting a higher
risk than from a single desktop to a identified server on the internet/less
secure LAN.

What's the service? Skype? (LOL) And are you sure it is only one outbound
port?


Steve Armstrong
 
Logically Secure         

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of myauthoritah () gmail com
Sent: 06 March 2009 17:42
To: security-basics () securityfocus com
Subject: Protocol enforement

I have an environment where Checkpoint Smart Defense is causing problems
with SSL web traffic. The specific SSL traffic does not appear to be RFC
compliant (big surprise). Protocol enforcement of 443 is problem. 



How much risk would I be accepting by shutting down the protocol enforcement
on the Checkpoint.



Googling did very little to help.



Security is getting in the way of availability. 



VR, Slinger

The information contained in this e-Mail and any subsequent correspondence is private and is intended solely for the 
intended recipient(s). The information in this communication may be confidential and/or legally privileged. Nothing in 
this e-mail is intended to conclude a contract on behalf of Logically Secure Ltd or make Logically Secure Ltd subject 
to any other legally binding commitments, unless the e-mail contains an express statement to the contrary or 
incorporates a formal Purchase Order.  For persons other than the intended recipient any disclosure, copying, 
distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be 
unlawful.

Registered in England and Wales No: 05967368.  Registered Office: 36 Tudor Road, Lincoln, LN6 3LL.

Attachment: smime.p7s
Description: