RE: Firewall(s) "maxed" out

[JSK <jsk347 () sprynet com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sharon:

I'll be the first to say I've not looked at this 'visto' till just
now, and I only took a peek at it.  I can't figure much about them
from their web site, but I would have a REAL SERIOUS CONCERN with
users having their (sometimes sensitive) company e-mail sent to an
outside location, where it can be hacked/read/snooped/sniffed (blah
blah) by anyone.  Have you looked at this 'background' job your users
run to see what ELSE it might be sending out?  How secure is it? Has
anyone looked at the code to see what it is really doing? 

You spend a lot of money maintaining firewalls to keep the outside
world at bay. You try to ensure that your confidential internal
e-mail's regarding the complany business STAY confidential.  Are you
sure policy allows this?  It SEEMS like this would not be a good thing
to me.  Call me wild and crazy...not to mention just plain paranoid!

JSK

At 12:54 PM 10/15/1999 -0400, Regan, Sharon wrote:
> Hi: 
>
> Sorry for the delay in getting back to you, but we're a three person
> internetwork shop supporting a user population of 5,000 +
>
> Anyway, I believe we have found the new "killer" app.  There are all
types
> of these free e-mail "services" (if you will), like yahoomail and
hotmail,
> etc.  Well, there's this new one called visto.
>
> What this one does is allow a user to "synchronize" his/her regular
> (company) e-mail with his/her visto mail, calendar, etc., such that,
> whenever a new message arrives in the corporate mailbox, you see it
in the
> visto mailbox.  The users download an app from visto which runs in
the
> background on the office desktop machine, and which then tunnels data
back
> to visto inside of HTTP.  So, on the surface of things, it just looks
like a
> regular browser session.
>
> We're finding increasing numbers of users availing themselves of this
> "service" .... word spreads like wildfire among the masses  .... our
> firewalls work harder, longer, require more disk space to log all
this
> stuff, there is additional traffic on the Internet T-1 (which is not
there
> for the exclusive use of employees ... we actually do e-business ! ),
etc.
> I've rebuilt my kernel and added more disk space since I posted to
the list,
> but I'm seriously considering putting an access-list on the serial
interface
> of my internet edge router and be done with it, once and for all.
>
> Sharon 
- ----> Stuff deleted to save bandwidth...

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3

iQA/AwUBOAqT6OZ40Wmdt8j7EQLBNwCfa6hCJr08TDIruVfxnSPVsC0oq+oAoOiy
9qVsc/lEHG4tdqacfnFHBv5v
=rjL0
-----END PGP SIGNATURE-----

Strong encryption on the net without trapdoors, backdoors, key recovery
or key escrow must be a worldwide right for the net to survive. Make the
net a safer place for your data...learn to use strong encryption today!
PGP KeyID: 0x9DB7C8FB
PGP Fingerprint: 6F80 6F39 33F2 195A 0937  A91D E678 D169 9DB7 C8FB