At 12:06 PM 1/26/99 -0500, Blanco, Juan wrote:
> I need help, some of my users need to have access to their Bank
>accounts via our Firewall1(checkpoint). When they do this via the
You might not actually be leaving out these steps, but every once in a
while after I see about 10 of these posts that sound like "just tell me how
to get a service through the firewall," I think it instructional to remind
ourselves of a few things.
First, what does your security policy say? Mechanically you may be able to
get this through the firewall, but procedureally, what are you supposed to do?
Second, is there a business requirement for the service? I suspect so,
given the nature of your organization, but it wasn't clear by your wording.
Third, what does your risk assessment of the protocols used indicate? If
the service is not yet allowed in your policy, presumably you need to do a
basic risk assessment of it before you can allow it. What protocols are
used by the Citibank program? Can they be safely allowed through your firewall?
Last, if allowed by the above, what do you have to do to allow it. This
last question is almost surely the easiest, but the answer you get can be
useless or dangerous and useless if the previous three questions aren't asked.
Fred
Avolio Consulting
16228 Frederick Road, PO Box 609, Lisbon, MD 21765
410-309-6910 (voice) 410-309-6911 (fax)
http://www.avolio.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
