Firewall Wizards mailing list archives

Re: Too Paranoid?

From: Kevin Steves <stevesk () pobox com>
Date: Tue, 1 Oct 2002 20:35:47 -0700

On Sun, Sep 29, 2002 at 12:25:27PM -0400, Paul D. Robertson wrote:

I've had this fight with personnel/benifits systems before, and once we 
got to the "it needs these two TCP ports" place, isolating it wasn't all 
that difficult.


It tends to boild down to: we have a strong business need for this
application, we need to figure out how best to configure and secure it
in our environment--at least at the financial type places I've worked
at.

Wide port ranges, UDP use, IP multicast, HA, dynamic routing, strange
DNS usage--consider it a challenge for the design skills.  I've
generally found the vendors willing to work with you to come up with a
configuration that can be acceptable, but it can be a challenge.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Too Paranoid? Kevin Steves (Oct 02)
- Re: Too Paranoid? Ryan M. Ferris (Oct 02)
- <Possible follow-ups>
- Re: Too Paranoid? Mark Tinberg (Oct 02)