Connie,
I assume this problem has or will have the majority of companies worldwide.
But, you don't find any documentation describing firewall architectures
which you simply apply. There's no all-in-one solution or something like
this, even if most secrurity companies claim to have one. Always, if you'd
like to secure applications, services and communications it's essential to
take a look behing the scenes: How does the communication work? Where are
potential exploints? Could I proxy the aaps? What about NAT? Consider
everything, even if you already have an installed firewalling complex.
For you problem with access of externals to internal ressources, I would
suggest usage of encryption (for integrity of your data), certificate
techniques (for authentication and authorization of each individual) and
directory services (for access control to particular hosts, services, files
and directories).
For sure, nobody is interested in broadcasting his solution in detail,
because secret is one part of security.
Maybe, we could discuss it more detailed if you cantact me directly:
[EMAIL PROTECTED]
Kindly regards
Norbert Schaar
Firewall Team - Network Security Services
Dresdner Global IT Services - DreGIS
Dresdner Bank AG
-----Original Message-----
From: Sadler, Connie J [mailto:[EMAIL PROTECTED]]
Sent: Dienstag, 19. Januar 1999 16:24
To: '[EMAIL PROTECTED]'
Subject: Firewall Architecture for EC
Does anybody have some documentation on firewall architectures for
InTRAnets? We currently utilize DMZ architectures, perimeter firewalls,
authentication through the perimeter, and some internally protected
enclaves, but what kind of design will accommodate the pressures necessary
to control access for vendors, suppliers, foreign employees, partners on
joint ventures (who also compete on other contracts), customers, etc., all
needing access to information internal to the network?? Even if we move most
of these machines into a DMZ, access controls within that DMZ are still
necessary! The architecture is complex, and the migration to a new design
even more difficult. Anyway, I'm just fishing for some new ideas and any
constructive comments will be appreciated.
Thanks...
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
