Out of curiosity, can you tell us the name of the product? On Thu, Sep 22, 2011 at 1:57 PM, <[email protected]> wrote:
> We are getting a new product to report variances. It is web-based but > using LDAP to authenticate users. The way it works is that a person can log > a variance anonymously but then directors can use their AD credentials to > log in and report their findings. > My issue is that they want my two LDAP servers (which are my dc's) to have > a public IP address. Even with ACL and security, I am very uncomfortable > with having my DC's be "visible" on the 'net. From past experience of > scanning my firewall logs, I know that a lot of times, hackers (or script > kiddies) just use a range of public IP's to scan for vulnerabilities. > Am I being unduly alarmist in my concern? Do other organizations attach a > public IP to their LDAP servers? > Thanks for any opinions you can give me. I have no problem going back to > the people involved and saying ' I was wrong.' OTOH, I also have no problem > telling them no way, you need to come up with a work around. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
