Firewall Wizards mailing list archives
Re: Shared DMZ liability
From: David Collier-Brown <davecb () canada sun com>
Date: Wed, 19 Aug 1998 11:38:00 -0400
Allen Todd wrote:
> Currently, we set up a separate DMZ for each external vendor but we are under management pressure to reduce costs for a remote office by consolidating multiple vendors onto a single interface. I am worried that the vendors will be able to see each other's traffic on the DMZ and what kind of exposure this would bring to my company.
This is a classical problem in higher security environments: you have different ``categories'' of people working with you, probably with different ``levels'' of trust. This is the problem the ``orange book'' folks set out to deal with in the military world, with moderate success: my old Multics machine actually isolated uncooperative groups without making it intrusive (although I discovered later that the administration required to do so nicely was darn hard!).

To answer your question literally, the exposure to your company is:
 - Anything you think you've exposed to one vendor is really exposed to all, and
 - Anything one vendor exposes to you, you've transitively exposed to all. Without their consent.

If and only if (your security policy is sufficient to define the exposure && you and all vendors agree to the policy && your implementation is error-free) can you say you've not increased your exposure to the upper bound I gave above.

Personally, I would fear that the lawyer costs of getting the second correctness criterion fulfilled would exceed the proposed savings by several orders of magnitude. I suspect I could do the third with trusted Slolaris/HockyPUckX/whatever, at a cost that would be comparable to the savings. The first criterion I won't even speculate on...
> Thanks for any input or references,

US Government criteria for email via untrusted third parties (i.e., your DMZ (:-)):
http://www.l-3com.com/cs-east/programs/infosec/ans/SMGREPORT.html

The rating process for Trusted systems:
http://www.radium.ncsc.mil/tpep

The Orange Book itself, in all its obfuscatory glory:
http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.html

--dave
--
David Collier-Brown,  | Cherish your enemies. They're harder to
185 Ellerslie Ave.,   | come by than friends and more motivated.
Willowdale, Ontario   | davecb () canada sun com, hobbes.ss.org
N2M 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb
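The "upper bound" argument in the reply above, worked through as a small reachability model. This is an added example, not code from the original post or from anyone on the list; the segment names, vendor names (acme, globex) and asset names are constructed for illustration. The model assumes the firewall publishes company services per segment and that hosts sharing one segment can reach each other with no policy between them, which is exactly the situation the question describes.

```python
"""Toy exposure model for a per-vendor DMZ versus a shared DMZ.

Hypothetical example (not from the original post). A firewall publishes a set
of company assets to each segment; each vendor places its own hosts on the
segment it sits on. Hosts on the same segment are mutually reachable, so a
vendor's exposure is everything present on its segment other than its own
hosts. Comparing the two topologies shows the reply's claim: on a shared
segment every vendor reaches the upper bound, i.e. everything anyone exposed.
"""

# Constructed sample data: two vendors, each with one host of its own.
VENDOR_HOSTS = {
    "acme": {"acme-vpn-gateway"},
    "globex": {"globex-poller"},
}

# Topology A: one DMZ segment per vendor, each with only that vendor's service.
SEPARATE_DMZ = {"dmz_acme": {"acme"}, "dmz_globex": {"globex"}}
SEPARATE_PUBLISHED = {"dmz_acme": {"order-api"}, "dmz_globex": {"invoice-drop"}}

# Topology B: both vendors consolidated onto a single interface/segment.
SHARED_DMZ = {"dmz_shared": {"acme", "globex"}}
SHARED_PUBLISHED = {"dmz_shared": {"order-api", "invoice-drop"}}


def exposure(topology, company_exposes, vendor_exposes):
    """Return {vendor: set of assets that vendor can reach}.

    topology:        {segment: set of vendors placed on that segment}
    company_exposes: {segment: set of company assets published to it}
    vendor_exposes:  {vendor: set of that vendor's own hosts}
    """
    reach = {}
    for segment, vendors in topology.items():
        # Everything present on the segment: published company assets plus
        # every co-located vendor's own hosts.
        present = set(company_exposes.get(segment, set()))
        for v in vendors:
            present |= vendor_exposes.get(v, set())
        # Each vendor on the segment sees all of it except its own hosts.
        for v in vendors:
            reach.setdefault(v, set()).update(present - vendor_exposes.get(v, set()))
    return reach


def cross_vendor_leaks(reach, vendor_exposes):
    """Return {(viewer, owner)} pairs where one vendor can reach another's hosts."""
    leaks = set()
    for viewer, seen in reach.items():
        for owner, hosts in vendor_exposes.items():
            if owner != viewer and seen & hosts:
                leaks.add((viewer, owner))
    return leaks


def upper_bound(company_exposes, vendor_exposes):
    """Everything exposed to anyone: the reply's worst-case exposure set."""
    bound = set()
    for assets in company_exposes.values():
        bound |= assets
    for hosts in vendor_exposes.values():
        bound |= hosts
    return bound


def compare():
    """Evaluate both topologies; used by the demo below."""
    return {
        "separate": exposure(SEPARATE_DMZ, SEPARATE_PUBLISHED, VENDOR_HOSTS),
        "shared": exposure(SHARED_DMZ, SHARED_PUBLISHED, VENDOR_HOSTS),
    }


if __name__ == "__main__":
    for name, reach in compare().items():
        print(f"{name}:")
        for vendor, seen in sorted(reach.items()):
            print(f"  {vendor} can reach {sorted(seen)}")
        print(f"  cross-vendor leaks: {sorted(cross_vendor_leaks(reach, VENDOR_HOSTS))}")
```

With per-vendor segments the leak set is empty; on the shared segment each vendor reaches the full upper bound minus its own hosts, including the other vendor's gateway, which is the transitive exposure the reply warns about. Any finer result than that depends on the policy and implementation conditions the reply lists, which this model does not attempt to represent.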
Current thread:
- Shared DMZ liability Allen Todd (Aug 19)
- Re: Shared DMZ liability Bennett Todd (Aug 19)
- Re: Shared DMZ liability David Collier-Brown (Aug 19)
- Re: Shared DMZ liability Frank Willoughby (Aug 19)
- Re: Shared DMZ liability Rick Smith (Aug 23)
- <Possible follow-ups>
- Re: Shared DMZ liability James Wilson (Aug 23)
- Re: Shared DMZ liability Frank Willoughby (Aug 23)
- Re[2]: Shared DMZ liability Steve . Bleazard (Aug 25)
- Re: Re[2]: Shared DMZ liability Chad Schieken (Aug 25)
- Re[4]: Shared DMZ liability Steve . Bleazard (Aug 26)