I guess you agreed or at least sympathised with my views then ? :) As to the war - England and France have been at war so many times in the last 1000 years, you could be referring to one of a dozen historic moments :)
As to your analogy - I rather see the situation of multiple forests are an increase in attack surface (for the attacker) rather than as a decrease in defensive walls, personally :) neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: 13 March 2006 08:51 To: [email protected] Subject: Re: [ActiveDir] Securing that DC ( the physical question) The statement... "So protect those domain controllers! No, they don't store your company secrets; yes, they're pretty much just plumbing in your network" wanna make a bet? ...certainly not exactly in SBSland ... we kinda have the kitchen sink up there. And to me... those passwords are a pretty important part of my company's secrets. And whether you are SBS where we have a schrub or the Sierra National Forest of Domains...isn't that still important? At the same time...there's times as much as I'm thinking I'm insane for all on one box, I know that I sure pay attention to that one box... There's something to be said about having less things to look at. <insane comments feel free to disregard> There was either a History channel or a PBS show on a famous battle back ages and ages ago (sorry..forget the King but I think it was England and France) and when the army stayed together in a clump and attacked as a clump the smaller army was actually holding their own and making an impact. When they army spread out and broke rank and started to run after the attackers and thus opened up a entry point.... anyway you get my drift. The Art of War says: If he prepares to defend many places, then the forces will be few in number. Therefore, if he prepares to defend the front, the back will be weak. If he prepares to defend the back, the front will be weak. If he prepares to defend the left, the right will be weak. If he prepares to defend the right, the left will be weak. If he prepares to defend everywhere, everywhere will be weak. There's an implied thought to that blog...and maybe it's just me in reading that undercurrent in seeing what has happened in my world and in my sister's larger implementations. Consultants cannot know your firm like you do. And they don't always get the right people at the table to talk to. The bosses listen to the consultants and sales folks when they should be listening to the people who work at the firm and getting their input. [EMAIL PROTECTED] wrote: > The suggestion that we all deploy multiple forests as a way of > lessening the risk is a bit of a 'cop out' :) > > That sounds as though he's suggesting the only way to secure the > environment is to spread it more thinly across more and more forests! > The more forests I deploy, the more cost I incur to the business. The > more costs I incur to the business, the more awkward questions I > receive asking why we don't consider other offerings in the NOS space > :) > > Perhaps I'm too cynical on Monday mornings :) > > > neil > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Susan > Bradley, CPA aka Ebitz - SBS Rocks [MVP] > Sent: 11 March 2006 07:39 > To: [email protected] > Subject: [ActiveDir] Securing that DC ( the physical question) > > http://blogs.technet.com/steriley/archive/2006/03/10/421782.aspx > > (The Seattle Riley clan) > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > PLEASE READ: The information contained in this email is confidential > and intended for the named recipient(s) only. If you are not an > intended recipient of this email please notify the sender immediately > and delete your copy from your system. You must not copy, distribute > or take any further action in reliance on it. Email is not a secure > method of communication and Nomura International plc ('NIplc') will > not, to the extent permitted by law, accept responsibility or > liability for (a) the accuracy or completeness of, or (b) the presence > of any virus, worm or similar malicious or disabling code in, this > message or any attachment(s) to it. If verification of this email is > sought then please request a hard copy. Unless otherwise stated this > email: (1) is not, and should not be treated or relied upon as, > investment research; (2) contains views or opinions that are solely > those of the author and do not necessarily represent those of NIplc; > (3) is intended for informational purposes only and is not a > recommendation, solicitation or offer to buy or sell securities or > related financial instruments. NIplc does not provide investment > services to private customers. Authorised and regulated by the > Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
