[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: None
From: robin.pollard () mail ! ing ! nl
Date: 1997-01-10 6:37:27
[Download RAW message or body]
Message-ID: <0aebc6ee839d9c87@deliver.cichlid.com>
Lines: 49
Xdeliver: processed on Fri Jan 10 06:37:21 PST 1997
Xdeliver: SENDER firewalls-owner@greatcircle.com
Xdeliver: to
Xdeliver: cc
Xdeliver: apparent_to
Xdeliver: from robin.pollard@mail.ing.nl
X400-Originator: Robin.Pollard@mail.ing.nl
X400-Recipients: firewalls@greatcircle.com
X400-Mts-Identifier: [/PRMD=ING GROEP/ADMD=400NET/C=NL/;0013700002238963000002]
X400-Content-Type: P2-1988 (22)
Message-Id: <0013700002238963000002*@MHS>
To: firewalls <firewalls@greatcircle.com>
Subject: A simple firewall requirement ?
Date: Fri, 10 Jan 1997 15:04:59 +0000
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk
I am looking at ways to provide global access to our internal mail
system (cc:Mail) for mobile users.
We have cc:Mail "post offices" where user mail is stored at various
offices throughout the globe, all linked to a central hub here via
our own VPN (TCP/IP).
The remote users need to be able to make a (TCP/IP) connection from
their laptop into the VPN and down to their PO to get mail. We have
access to X28 access points in most of the world.
I was thinking of a PPP dialup machine here, (accessed via X28), that
will route packets from a limited number of IP addresses (The mobile
users) to the IP addresses of the mail PO's only on the port cc:Mail
uses (cc0) all else is of course excluded.
Lotus claim cc:Mail sends all it's traffic well encrypted but keep the
algorithm secret :) we trust the network provider enough to be happy with
this.
What sort of hardware can do this, will a single box Linux solution do or
can it not filter in that detail ?
The PPP point is exposed to the world (or anyone who hacks our network
provider) what attacks is it open to?
Should the PPP box sit outside another filtering router incase it is
compromised or can it be locked down tight with such limited
requirements.
Any big holes I should be aware of ?
TIA,
Robin Pollard
Infrastructure Support
ING Bank International
robin.pollard@mail.ing.nl
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic