Avi,

Is cyberwall a generic category or a product name? Is the word "cyberwall"
trademarked? This isn't criticism, I'm just curious, because I haven't heard
any other company use the term "cyberwall", but whenever I hear it
referenced by you guys, it's referred to as a category of products.

Now for the technical questions:

How do you verify that the cyberwall clients have not been tampered with, or
that they are running correctly?

How do you make certain that the cyberwall client is running (with the
appropriate policies) before it connects to the remote access server? Do you
have a component that runs on the remote access server that checks to see
that the client is properly protected before allowing them to connect?

My understanding of cyberwalls is that they are installed on every device
you want to protect, much like anti-virus software is. Like some anti-virus
software, they can be centrally managed. Is this correct?

Also, I've read bunches of messages about cyberwalls ... all from Network-1.
Does anyone else have input on the products?

Jen

----- Original Message -----
From: Fogel, Avi <[EMAIL PROTECTED]>
To: David Markle <[EMAIL PROTECTED]>; 'jaeger' <[EMAIL PROTECTED]>;
'Firewalls' <[EMAIL PROTECTED]>; 'ruegamer'
<[EMAIL PROTECTED]>
Sent: Thursday, July 08, 1999 9:08 AM
Subject: RE: Subject: Remote diagnostic security
> A new category of products - cyberwalls, that performs very granular
> network access control and intrusion prevention on the actual servers - can
> eliminate your concern, since a rule can be put on the server defining
> combinations of in/out services (ports) and IP addresses and would hence
> eliminate back-end connections by someone accessing the remote diagnosed
> (or managed) server.
>
> If you like more info - pls send me a mail off the thread.
>
> Thanx
>
> Avi
>
> Network-1 Security Solutions, Inc.
> "Securing e-Business Networks"
>
> > -----Original Message-----
> > From: /o=citicorp/ou=DOMDI/cn=Recipients/cn=dmarkle On Behalf Of David
> > Markle
> > Sent: Thursday, July 08, 1999 8:51 AM
> > To: 'jaeger'; 'Firewalls'; 'ruegamer'
> > Subject: RE: Subject: Remote diagnostic security
> >
> > Good points. Additionally, you can use dialer call back as another layer
> > of protection.
> >
> > -----Original Message-----
> > From: jaeger [SMTP:[EMAIL PROTECTED]]
> > Sent: Thursday, July 08, 1999 5:56 AM
> > To: Firewalls; ruegamer
> > Cc: jaeger
> > Subject: RE: Subject: Remote diagnostic security
> >
> > We recommend the following approach to this widespread problem:
> >
> > Put a RAS Server or any other remote access device in the DMZ.
> > Authenticate remote users on the firewall. Establish a rule set on
> > the firewall that limits remote users' access to only those systems
> > really needed. Sounds too good to be true? Right, you still have the
> > problem of authenticated remote users misusing the servers they have
> > access to as a jump platform. To prevent this you should have an IDS
> > in place that monitors remote users' activity and enforces a security
> > policy on the server itself. You need a host-based IDS to achieve that
> > level of security.
> > Alternatively you could have more than one DMZ or a second firewall,
> > where all your servers are sitting behind the 1st firewall, but cannot
> > be misused as a jump platform because of the 2nd firewall.
> >
> > Karl Jaeger
> > BDG
> >
> > Peter wrote:
> >
> > >Date: Tue, 6 Jul 1999 10:53:40 +0200
> > >From: [EMAIL PROTECTED]
> > >Subject: Remote diagnostic security
> > >
> > >Hello,
> > >
> > >Has anyone a suggestion how I can handle remote diagnostic access to
> > >servers in our LAN? My first thought was to put the servers which need
> > >remote diagnostic access in the DMZ. But in this case I have to put all
> > >my servers in the DMZ sooner or later. The remote diagnostic user
> > >shouldn't get any access to other servers on the LAN. Yes, I know I'm
> > >asking for something impossible. But, if anyone has a solution, please
> > >let me know. Thanks in advance.
> > >
> > >Peter Ruegamer
> > >Network Administrator
> > >MTU Friedrichshafen
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]