If the program is PCAnywhere, the target machine is probably NT. You may be
able to get ssh to work, but how do you work the GUI with ssh?
If I were them, I would use a VPN product like Info Express to tunnel to the
NT box, and then run PC Anywhere through the tunnel to run the functions.
Info Express does a good job at encryption, it runs over SSL or telnet
protocols, is unaffected by NAT problems, and in general does a good job.
If your parniod on the server side, use SecurID authentication tokens, and
configure the VPN to only allow access to that one host.
-----Original Message-----
From: Ron DuFresne [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 24, 2000 1:46 PM
To: Robin Harvey
Cc: '[EMAIL PROTECTED]'
Subject: Re: 3rd party access
Does pcanywhere encrypt traffic? why not an ssh tunnel or vpn client that
does?
Thanks,
Ron DuFresne
On Thu, 24 Aug 2000, Robin Harvey wrote:
> Hi,
>
> What is the most secure way of allowing developers access through our
> company firewall onto the internal network?
>
> We are thinking of opening a port on the firewall (Gauntlet 5.5 NT) and
> allowing only 2 ip addresses through. The developers will be using the
> latest version of pcanywhere to perform remote work on our SQL database.
>
> How does this sound? The ports will be open for most of the day and night.
>
> Input most welcome
>
> Regards
> RJH
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
