'None' - MARC

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    None
From:       robin.pollard () mail ! ing ! nl
Date:       1997-01-10 6:37:27
[Download RAW message or body]

Message-ID: <0aebc6ee839d9c87@deliver.cichlid.com>
Lines:  49
Xdeliver: processed on Fri Jan 10 06:37:21 PST 1997
Xdeliver: SENDER firewalls-owner@greatcircle.com
Xdeliver: to 
Xdeliver: cc 
Xdeliver: apparent_to 
Xdeliver: from robin.pollard@mail.ing.nl

X400-Originator: Robin.Pollard@mail.ing.nl
X400-Recipients: firewalls@greatcircle.com
X400-Mts-Identifier: [/PRMD=ING GROEP/ADMD=400NET/C=NL/;0013700002238963000002]
X400-Content-Type: P2-1988 (22)
Message-Id: <0013700002238963000002*@MHS>
To: firewalls <firewalls@greatcircle.com>
Subject: A simple firewall requirement ?
Date: Fri, 10 Jan 1997 15:04:59 +0000
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk

     I am looking at ways to provide global access to our internal mail
     system (cc:Mail) for mobile users.

     We have cc:Mail "post offices" where user mail is stored at various
     offices throughout the globe, all linked to a central hub here via
     our own VPN (TCP/IP).

     The remote users need to be able to make a (TCP/IP) connection from
     their laptop into the VPN and down to their PO to get mail.  We have
     access to X28 access points in most of the world.

     I was thinking of a PPP dialup machine here, (accessed via X28), that
     will route packets from a limited number of IP addresses (The mobile
     users) to the IP addresses of the mail PO's only on the port cc:Mail
     uses (cc0) all else is of course excluded.

     Lotus claim cc:Mail sends all it's traffic well encrypted but keep the
     algorithm secret :) we trust the network provider enough to be happy with
     this.

     What sort of hardware can do this, will a single box Linux solution do or
     can it not filter in that detail ?

     The PPP point is exposed to the world (or anyone who hacks our network
     provider)  what attacks is it open to?

     Should the PPP box sit outside another filtering router incase it is
     compromised or can it be locked down tight with such limited
     requirements.

     Any big holes I should be aware of ?

     TIA,
     Robin Pollard
     Infrastructure Support
     ING Bank International
     robin.pollard@mail.ing.nl

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic