It would make sense to me to limit access. Your dial in system offers a point of potential compromise, so why not limit the access that anyone would have getting in through there. Also, while I'm not familiar with the Shiva box, typically a user could get internet access by dialing into your network and using the corporate access. A company might object to that, and this would be a way to prevent such abuses. Remember, It's only paranoia if people aren't actually out to get you
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Fran Boudraux > Sent: Wednesday, March 13, 2002 1:28 PM > To: [EMAIL PROTECTED] > Subject: general considerations > > > I have SHIVA box for dial-in connections.When users dial in they're > authenticated and gain access to all the network, but in fact > they only need > to connect to citrix server. > I don't think it is a correct setup and I want to throw in some Linux > firewall between SHIVA box and lan, allowing only incoming > citrix traffic. > Should I really separate it with firewall or am I being > paranoid? Any other > recommendations regarding this setup/ > thx. > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
